From b03e968f3f20313f57c9c10323918d09a3a7cb41 Mon Sep 17 00:00:00 2001 From: baarkerlounger Date: Wed, 13 Jul 2022 10:05:46 +0100 Subject: [PATCH] Rails security fix CVE-2022-32224 --- Gemfile.lock | 114 +++++++++++++++++++++++++-------------------------- yarn.lock | 18 ++++---- 2 files changed, 66 insertions(+), 66 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5e2ae17ee..944e61046 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -13,67 +13,67 @@ GIT GEM remote: https://rubygems.org/ specs: - actioncable (7.0.3) - actionpack (= 7.0.3) - activesupport (= 7.0.3) + actioncable (7.0.3.1) + actionpack (= 7.0.3.1) + activesupport (= 7.0.3.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.3) - actionpack (= 7.0.3) - activejob (= 7.0.3) - activerecord (= 7.0.3) - activestorage (= 7.0.3) - activesupport (= 7.0.3) + actionmailbox (7.0.3.1) + actionpack (= 7.0.3.1) + activejob (= 7.0.3.1) + activerecord (= 7.0.3.1) + activestorage (= 7.0.3.1) + activesupport (= 7.0.3.1) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.0.3) - actionpack (= 7.0.3) - actionview (= 7.0.3) - activejob (= 7.0.3) - activesupport (= 7.0.3) + actionmailer (7.0.3.1) + actionpack (= 7.0.3.1) + actionview (= 7.0.3.1) + activejob (= 7.0.3.1) + activesupport (= 7.0.3.1) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp rails-dom-testing (~> 2.0) - actionpack (7.0.3) - actionview (= 7.0.3) - activesupport (= 7.0.3) + actionpack (7.0.3.1) + actionview (= 7.0.3.1) + activesupport (= 7.0.3.1) rack (~> 2.0, >= 2.2.0) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.3) - actionpack (= 7.0.3) - activerecord (= 7.0.3) - activestorage (= 7.0.3) - activesupport (= 7.0.3) + actiontext (7.0.3.1) + actionpack (= 7.0.3.1) + activerecord (= 7.0.3.1) + activestorage (= 7.0.3.1) + activesupport (= 7.0.3.1) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.3) - activesupport (= 7.0.3) + actionview (7.0.3.1) + activesupport (= 7.0.3.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (7.0.3) - activesupport (= 7.0.3) + activejob (7.0.3.1) + activesupport (= 7.0.3.1) globalid (>= 0.3.6) - activemodel (7.0.3) - activesupport (= 7.0.3) - activerecord (7.0.3) - activemodel (= 7.0.3) - activesupport (= 7.0.3) - activestorage (7.0.3) - actionpack (= 7.0.3) - activejob (= 7.0.3) - activerecord (= 7.0.3) - activesupport (= 7.0.3) + activemodel (7.0.3.1) + activesupport (= 7.0.3.1) + activerecord (7.0.3.1) + activemodel (= 7.0.3.1) + activesupport (= 7.0.3.1) + activestorage (7.0.3.1) + actionpack (= 7.0.3.1) + activejob (= 7.0.3.1) + activerecord (= 7.0.3.1) + activesupport (= 7.0.3.1) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (7.0.3) + activesupport (7.0.3.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -82,7 +82,7 @@ GEM public_suffix (>= 2.0.2, < 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.604.0) + aws-partitions (1.605.0) aws-sdk-core (3.131.2) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.525.0) @@ -225,11 +225,11 @@ GEM net-protocol timeout nio4r (2.5.8) - nokogiri (1.13.6-arm64-darwin) + nokogiri (1.13.7-arm64-darwin) racc (~> 1.4) - nokogiri (1.13.6-x86_64-darwin) + nokogiri (1.13.7-x86_64-darwin) racc (~> 1.4) - nokogiri (1.13.6-x86_64-linux) + nokogiri (1.13.7-x86_64-linux) racc (~> 1.4) notifications-ruby-client (5.3.0) jwt (>= 1.5, < 3) @@ -275,28 +275,28 @@ GEM rack (>= 1.2.0) rack-test (2.0.2) rack (>= 1.3) - rails (7.0.3) - actioncable (= 7.0.3) - actionmailbox (= 7.0.3) - actionmailer (= 7.0.3) - actionpack (= 7.0.3) - actiontext (= 7.0.3) - actionview (= 7.0.3) - activejob (= 7.0.3) - activemodel (= 7.0.3) - activerecord (= 7.0.3) - activestorage (= 7.0.3) - activesupport (= 7.0.3) + rails (7.0.3.1) + actioncable (= 7.0.3.1) + actionmailbox (= 7.0.3.1) + actionmailer (= 7.0.3.1) + actionpack (= 7.0.3.1) + actiontext (= 7.0.3.1) + actionview (= 7.0.3.1) + activejob (= 7.0.3.1) + activemodel (= 7.0.3.1) + activerecord (= 7.0.3.1) + activestorage (= 7.0.3.1) + activesupport (= 7.0.3.1) bundler (>= 1.15.0) - railties (= 7.0.3) + railties (= 7.0.3.1) rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) rails-html-sanitizer (1.4.3) loofah (~> 2.3) - railties (7.0.3) - actionpack (= 7.0.3) - activesupport (= 7.0.3) + railties (7.0.3.1) + actionpack (= 7.0.3.1) + activesupport (= 7.0.3.1) method_source rake (>= 12.2) thor (~> 1.0) diff --git a/yarn.lock b/yarn.lock index abefb081f..cc0a4901a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1193,9 +1193,9 @@ "@types/json-schema" "*" "@types/estree@*": - version "0.0.52" - resolved "https://registry.yarnpkg.com/@types/estree/-/estree-0.0.52.tgz#7f1f57ad5b741f3d5b210d3b1f145640d89bf8fe" - integrity sha512-BZWrtCU0bMVAIliIV+HJO1f1PR41M7NKjfxrFJwwhKI1KwhwOxYw1SXg9ao+CIMt774nFuGiG6eU+udtbEI9oQ== + version "1.0.0" + resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.0.tgz#5fb2e536c1ae9bf35366eed879e827fa59ca41c2" + integrity sha512-WulqXMDUTYAXCjZnk6JtIHPigp55cVtDgDrO2gHRwhyJto21+1zbVCtOYB2L1F9w4qCQ0rOGWBnBe0FNTiEJIQ== "@types/estree@0.0.39": version "0.0.39" @@ -1915,9 +1915,9 @@ camelcase@^5.3.1: integrity sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg== caniuse-lite@^1.0.30001359: - version "1.0.30001365" - resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001365.tgz#72c2c3863b1a545cfd3d9953535bd2ee17568158" - integrity sha512-VDQZ8OtpuIPMBA4YYvZXECtXbddMCUFJk1qu8Mqxfm/SZJNSr1cy4IuLCOL7RJ/YASrvJcYg1Zh+UEUQ5m6z8Q== + version "1.0.30001366" + resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001366.tgz#c73352c83830a9eaf2dea0ff71fb4b9a4bbaa89c" + integrity sha512-yy7XLWCubDobokgzudpkKux8e0UOOnLHE6mlNJBzT3lZJz6s5atSEzjoL+fsCPkI0G8MP5uVdDx1ur/fXEWkZA== chalk@^1.1.3: version "1.1.3" @@ -2384,9 +2384,9 @@ ejs@^3.1.6: jake "^10.8.5" electron-to-chromium@^1.4.172: - version "1.4.186" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.186.tgz#a811bba15f0868d3f4164b0f4ede8adc8773831b" - integrity sha512-YoVeFrGd/7ROjz4R9uPoND1K/hSRC/xADy9639ZmIZeJSaBnKdYx3I6LMPsY7CXLpK7JFgKQVzeZ/dk2br6Eaw== + version "1.4.187" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.187.tgz#b884493df00816dc2ce928958c4f6a51a93fe1a8" + integrity sha512-t3iFLHVIMhB8jGZ+8ui951nz6Bna5qKfhxezG3wzXdBJ79qFKPsE2chjjVFNqC1ewhfrPQrw9pmVeo4FFpZeQA== element-closest@^2.0.2: version "2.0.2"