Skip to content

Commit

Permalink
Bump date
Browse files Browse the repository at this point in the history
CVE-2021-41817 の脆弱性が発見されたため Date gem をアップデートする
https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/
  • Loading branch information
ima1zumi committed Nov 17, 2021
1 parent 3c40633 commit 244f865
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 0 deletions.
1 change: 1 addition & 0 deletions Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
ruby '2.7.4'

gem 'bootsnap', '>= 1.4.4', require: false
gem 'date', '>= 3.2.1' # CVE-2021-41817対応
gem 'image_processing', '~> 1.2'
gem 'jbuilder', '~> 2.7'
gem 'puma', '~> 5.5'
Expand Down
2 changes: 2 additions & 0 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,7 @@ GEM
crass (1.0.6)
data_migrate (6.6.0)
rails (>= 5.0)
date (3.2.1)
dead_end (1.1.7)
declarative (0.0.20)
declarative-option (0.1.0)
Expand Down Expand Up @@ -511,6 +512,7 @@ DEPENDENCIES
coffee-rails (~> 5.0.0)
commonmarker
data_migrate
date (>= 3.2.1)
dead_end
diffy
discord-notifier
Expand Down

0 comments on commit 244f865

Please sign in to comment.