diff --git a/Changelog.md b/Changelog.md index 0c5d50430..a4d4d7033 100644 --- a/Changelog.md +++ b/Changelog.md @@ -190,13 +190,9 @@ The command will report queues that still have jobs and launch sidekiq process f * Properly support pluralization in timeago strings [#6926](https://github.com/diaspora/diaspora/pull/6926) * Return all contacts in people search [#6951](https://github.com/diaspora/diaspora/pull/6951) -# 0.5.11.0 +# 0.5.10.2 -## Refactor - -## Bug fixes - -## Features +Update to Rails 4.2.7.1 which fixes [CVE-2016-6316](https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE) and [CVE-2016-6317](https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA). # 0.5.10.1 diff --git a/Gemfile b/Gemfile index 98d43d08e..fd3fcc77a 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ source "https://rubygems.org" -gem "rails", "4.2.7" +gem "rails", "4.2.7.1" # Legacy Rails features, remove me! # responders (class level) diff --git a/Gemfile.lock b/Gemfile.lock index 26cd18a4c..b851160fa 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -3,40 +3,40 @@ GEM remote: https://rails-assets.org/ specs: CFPropertyList (2.3.2) - actionmailer (4.2.7) - actionpack (= 4.2.7) - actionview (= 4.2.7) - activejob (= 4.2.7) + actionmailer (4.2.7.1) + actionpack (= 4.2.7.1) + actionview (= 4.2.7.1) + activejob (= 4.2.7.1) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 1.0, >= 1.0.5) - actionpack (4.2.7) - actionview (= 4.2.7) - activesupport (= 4.2.7) + actionpack (4.2.7.1) + actionview (= 4.2.7.1) + activesupport (= 4.2.7.1) rack (~> 1.6) rack-test (~> 0.6.2) rails-dom-testing (~> 1.0, >= 1.0.5) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (4.2.7) - activesupport (= 4.2.7) + actionview (4.2.7.1) + activesupport (= 4.2.7.1) builder (~> 3.1) erubis (~> 2.7.0) rails-dom-testing (~> 1.0, >= 1.0.5) rails-html-sanitizer (~> 1.0, >= 1.0.2) active_model_serializers (0.9.5) activemodel (>= 3.2) - activejob (4.2.7) - activesupport (= 4.2.7) + activejob (4.2.7.1) + activesupport (= 4.2.7.1) globalid (>= 0.3.0) - activemodel (4.2.7) - activesupport (= 4.2.7) + activemodel (4.2.7.1) + activesupport (= 4.2.7.1) builder (~> 3.1) - activerecord (4.2.7) - activemodel (= 4.2.7) - activesupport (= 4.2.7) + activerecord (4.2.7.1) + activemodel (= 4.2.7.1) + activesupport (= 4.2.7.1) arel (~> 6.0) activerecord-import (0.13.0) activerecord (>= 3.0) - activesupport (4.2.7) + activesupport (4.2.7.1) i18n (~> 0.7) json (~> 1.7, >= 1.7.7) minitest (~> 5.1) @@ -373,7 +373,7 @@ GEM gitlab (3.6.1) httparty terminal-table - globalid (0.3.6) + globalid (0.3.7) activesupport (>= 4.1.0) gon (6.0.1) actionpack (>= 3.0) @@ -633,16 +633,16 @@ GEM rack rack-test (0.6.3) rack (>= 1.0) - rails (4.2.7) - actionmailer (= 4.2.7) - actionpack (= 4.2.7) - actionview (= 4.2.7) - activejob (= 4.2.7) - activemodel (= 4.2.7) - activerecord (= 4.2.7) - activesupport (= 4.2.7) + rails (4.2.7.1) + actionmailer (= 4.2.7.1) + actionpack (= 4.2.7.1) + actionview (= 4.2.7.1) + activejob (= 4.2.7.1) + activemodel (= 4.2.7.1) + activerecord (= 4.2.7.1) + activesupport (= 4.2.7.1) bundler (>= 1.3.0, < 2.0) - railties (= 4.2.7) + railties (= 4.2.7.1) sprockets-rails rails-assets-autosize (3.0.15) rails-assets-blueimp-gallery (2.21.2) @@ -705,9 +705,9 @@ GEM remotipart (~> 1.0) safe_yaml (~> 1.0) sass-rails (>= 4.0, < 6) - railties (4.2.7) - actionpack (= 4.2.7) - activesupport (= 4.2.7) + railties (4.2.7.1) + actionpack (= 4.2.7.1) + activesupport (= 4.2.7.1) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) rainbow (2.1.0) @@ -991,7 +991,7 @@ DEPENDENCIES rack-protection (= 1.5.3) rack-rewrite (= 1.5.1) rack-ssl (= 1.4.1) - rails (= 4.2.7) + rails (= 4.2.7.1) rails-assets-autosize (= 3.0.15)! rails-assets-blueimp-gallery (= 2.21.2)! rails-assets-diaspora_jsxc (= 0.1.5.develop.1)!