Security updates
The bundler-audit gem found that there are some security issues in the current dependency list for crabgrass. These should be updated ASAP:
Insecure Source URI found: git://github.com/rails/prototype_legacy_helper.git Insecure Source URI found: git://github.com/thedarkone/rails-dev-boost.git Name: RedCloth Version: 4.2.9 Advisory: CVE-2012-6684 Criticality: Medium URL: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6684 Title: RedCloth Gem for Ruby Textile Link Parsing XSS Solution: upgrade to >= 4.3.0 Name: mail Version: 2.5.4 Advisory: 131677 Criticality: Unknown URL: http://www.mbsd.jp/Whitepaper/smtpi.pdf Title: Mail Gem for Ruby vulnerable to SMTP Injection via recipient email addresses Solution: upgrade to >= 2.6.0 Name: nokogiri Version: 1.6.7.1 Advisory: CVE-2015-7499 Criticality: Medium URL: https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM Title: Nokogiri gem contains a heap-based buffer overflow vulnerability in libxml2 Solution: upgrade to >= 1.6.7.2 Name: nokogiri Version: 1.6.7.1 Advisory: CVE-2015-8806 Criticality: Unknown URL: https://github.com/sparklemotion/nokogiri/issues/1473 Title: Denial of service or RCE from libxml2 and libxslt Solution: upgrade to >= 1.6.8 Vulnerabilities found!