mirror of
https://github.com/Growstuff/growstuff.git
synced 2026-03-24 01:32:40 -04:00
Name: paperclip
Version: 4.2.1 Advisory: CVE-2015-2963 Criticality: Medium URL: https://robots.thoughtbot.com/paperclip-security-release Title: Paperclip Gem for Ruby vulnerable to content type spoofing Solution: upgrade to >= 4.2.2
This commit is contained in:
Daniel O'Connor
12
Gemfile.lock
12
Gemfile.lock
@@ -89,7 +89,7 @@ GEM
|
||||
climate_control (0.0.3)
|
||||
activesupport (>= 3.0)
|
||||
cliver (0.3.2)
|
||||
cocaine (0.5.5)
|
||||
cocaine (0.5.7)
|
||||
climate_control (>= 0.0.3, < 1.0)
|
||||
codemirror-rails (4.8)
|
||||
railties (>= 3.0, < 5)
|
||||
@@ -264,6 +264,7 @@ GEM
|
||||
memcachier (0.0.2)
|
||||
method_source (0.8.2)
|
||||
mime-types (2.6.1)
|
||||
mimemagic (0.3.0)
|
||||
mini_portile (0.6.1)
|
||||
minitest (5.8.0)
|
||||
multi_json (1.11.2)
|
||||
@@ -290,11 +291,12 @@ GEM
|
||||
multi_json (~> 1.3)
|
||||
omniauth-oauth (~> 1.0)
|
||||
orm_adapter (0.5.0)
|
||||
paperclip (4.2.1)
|
||||
activemodel (>= 3.0.0)
|
||||
activesupport (>= 3.0.0)
|
||||
cocaine (~> 0.5.3)
|
||||
paperclip (4.3.0)
|
||||
activemodel (>= 3.2.0)
|
||||
activesupport (>= 3.2.0)
|
||||
cocaine (~> 0.5.5)
|
||||
mime-types
|
||||
mimemagic (= 0.3.0)
|
||||
pg (0.17.1)
|
||||
plupload-rails (1.2.1)
|
||||
rails (>= 3.1)
|
||||
|
||||
Reference in New Issue
Block a user