Update rails (new patch-level).

Mitigates a possible XSS vulnerability in ActionView (CVE-2020-5267).

Update rails (new patch-level).
Mitigates a possible XSS vulnerability in ActionView (CVE-2020-5267).
c5951453 · paz · georg · f8c23fd6 · c5951453
Verified Commit c5951453 authored Mar 23, 2020 by paz Committed by georg Apr 17, 2020
--- a/Gemfile.lock
+++ b/Gemfile.lock
 GEM
  remote: https://rubygems.org/
  specs:
-    actioncable (5.2.4)
-      actionpack (= 5.2.4)
+    actioncable (5.2.4.2)
+      actionpack (= 5.2.4.2)
      nio4r (~> 2.0)
      websocket-driver (>= 0.6.1)
-    actionmailer (5.2.4)
-      actionpack (= 5.2.4)
-      actionview (= 5.2.4)
-      activejob (= 5.2.4)
+    actionmailer (5.2.4.2)
+      actionpack (= 5.2.4.2)
+      actionview (= 5.2.4.2)
+      activejob (= 5.2.4.2)
      mail (~> 2.5, >= 2.5.4)
      rails-dom-testing (~> 2.0)
-    actionpack (5.2.4)
-      actionview (= 5.2.4)
-      activesupport (= 5.2.4)
-      rack (~> 2.0)
+    actionpack (5.2.4.2)
+      actionview (= 5.2.4.2)
+      activesupport (= 5.2.4.2)
+      rack (~> 2.0, >= 2.0.8)
      rack-test (>= 0.6.3)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.2.4)
-      activesupport (= 5.2.4)
+    actionview (5.2.4.2)
+      activesupport (= 5.2.4.2)
      builder (~> 3.1)
      erubi (~> 1.4)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activejob (5.2.4)
-      activesupport (= 5.2.4)
+    activejob (5.2.4.2)
+      activesupport (= 5.2.4.2)
      globalid (>= 0.3.6)
-    activemodel (5.2.4)
-      activesupport (= 5.2.4)
+    activemodel (5.2.4.2)
+      activesupport (= 5.2.4.2)
    activemodel-serializers-xml (1.0.2)
      activemodel (> 5.x)
      activesupport (> 5.x)
      builder (~> 3.1)
-    activerecord (5.2.4)
-      activemodel (= 5.2.4)
-      activesupport (= 5.2.4)
+    activerecord (5.2.4.2)
+      activemodel (= 5.2.4.2)
+      activesupport (= 5.2.4.2)
      arel (>= 9.0)
    activeresource (5.1.0)
      activemodel (>= 5.0, < 7)
@@ -43,11 +43,11 @@ GEM
      activesupport (>= 5.0, < 7)
    activeresource-response (1.4.0)
      activeresource (>= 3, < 6.1)
-    activestorage (5.2.4)
-      actionpack (= 5.2.4)
-      activerecord (= 5.2.4)
+    activestorage (5.2.4.2)
+      actionpack (= 5.2.4.2)
+      activerecord (= 5.2.4.2)
      marcel (~> 0.3.1)
-    activesupport (5.2.4)
+    activesupport (5.2.4.2)
      concurrent-ruby (~> 1.0, >= 1.0.2)
      i18n (>= 0.7, < 2)
      minitest (~> 5.1)
@@ -63,7 +63,7 @@ GEM
    bootstrap-sass (3.4.1)
      autoprefixer-rails (>= 5.2.1)
      sassc (>= 2.0.0)
-    builder (3.2.3)
+    builder (3.2.4)
    byebug (11.0.1)
    cancancan (3.0.1)
    capybara (3.29.0)
@@ -74,10 +74,10 @@ GEM
      rack-test (>= 0.6.3)
      regexp_parser (~> 1.5)
      xpath (~> 3.2)
-    concurrent-ruby (1.1.5)
+    concurrent-ruby (1.1.6)
    crack (0.4.3)
      safe_yaml (~> 1.0.0)
-    crass (1.0.5)
+    crass (1.0.6)
    daemons (1.3.1)
    diff-lcs (1.3)
    erubi (1.9.0)
@@ -107,7 +107,7 @@ GEM
      haml (>= 4.0, < 6)
      nokogiri (>= 1.6.0)
      ruby_parser (~> 3.5)
-    i18n (1.7.0)
+    i18n (1.8.2)
      concurrent-ruby (~> 1.0)
    launchy (2.4.3)
      addressable (~> 2.3)
@@ -121,11 +121,11 @@ GEM
      mini_mime (>= 0.1.1)
    marcel (0.3.3)
      mimemagic (~> 0.3.2)
-    method_source (0.9.2)
-    mimemagic (0.3.3)
+    method_source (1.0.0)
+    mimemagic (0.3.4)
    mini_mime (1.0.2)
    mini_portile2 (2.4.0)
-    minitest (5.13.0)
+    minitest (5.14.0)
    msgpack (1.3.1)
    mustermann (1.0.3)
    nio4r (2.5.2)
@@ -137,27 +137,27 @@ GEM
      rack
    rack-test (1.1.0)
      rack (>= 1.0, < 3)
-    rails (5.2.4)
-      actioncable (= 5.2.4)
-      actionmailer (= 5.2.4)
-      actionpack (= 5.2.4)
-      actionview (= 5.2.4)
-      activejob (= 5.2.4)
-      activemodel (= 5.2.4)
-      activerecord (= 5.2.4)
-      activestorage (= 5.2.4)
-      activesupport (= 5.2.4)
+    rails (5.2.4.2)
+      actioncable (= 5.2.4.2)
+      actionmailer (= 5.2.4.2)
+      actionpack (= 5.2.4.2)
+      actionview (= 5.2.4.2)
+      activejob (= 5.2.4.2)
+      activemodel (= 5.2.4.2)
+      activerecord (= 5.2.4.2)
+      activestorage (= 5.2.4.2)
+      activesupport (= 5.2.4.2)
      bundler (>= 1.3.0)
-      railties (= 5.2.4)
+      railties (= 5.2.4.2)
      sprockets-rails (>= 2.0.0)
    rails-dom-testing (2.0.3)
      activesupport (>= 4.2.0)
      nokogiri (>= 1.6)
    rails-html-sanitizer (1.3.0)
      loofah (~> 2.3)
-    railties (5.2.4)
-      actionpack (= 5.2.4)
-      activesupport (= 5.2.4)
+    railties (5.2.4.2)
+      actionpack (= 5.2.4.2)
+      activesupport (= 5.2.4.2)
      method_source
      rake (>= 0.8.7)
      thor (>= 0.19.0, < 2.0)
@@ -224,10 +224,10 @@ GEM
      daemons (~> 1.0, >= 1.0.9)
      eventmachine (~> 1.0, >= 1.0.4)
      rack (>= 1, < 3)
-    thor (0.20.3)
+    thor (1.0.1)
    thread_safe (0.3.6)
    tilt (2.0.10)
-    tzinfo (1.2.5)
+    tzinfo (1.2.6)
      thread_safe (~> 0.1)
    webmock (3.7.6)
      addressable (>= 2.3.6)