From 00ae4ed49fb6c286f77de31a694c33752cbd780e Mon Sep 17 00:00:00 2001
From: Daniel O'Connor
Date: Wed, 12 Aug 2015 16:23:48 +0930
Subject: [PATCH] Name: paperclip Version: 4.2.1 Advisory: CVE-2015-2963 Criticality: Medium URL: https://robots.thoughtbot.com/paperclip-security-release Title: Paperclip Gem for Ruby vulnerable to content type spoofing Solution: upgrade to >= 4.2.2
---
Gemfile.lock | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index e9a80a0a4..1598f2ed9 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -89,7 +89,7 @@ GEM
 climate_control (0.0.3)
 activesupport (>= 3.0)
 cliver (0.3.2)
- cocaine (0.5.5)
+ cocaine (0.5.7)
 climate_control (>= 0.0.3, < 1.0)
 codemirror-rails (4.8)
 railties (>= 3.0, < 5)
@@ -264,6 +264,7 @@ GEM
 memcachier (0.0.2)
 method_source (0.8.2)
 mime-types (2.6.1)
+ mimemagic (0.3.0)
 mini_portile (0.6.1)
 minitest (5.8.0)
 multi_json (1.11.2)
@@ -290,11 +291,12 @@ GEM
 multi_json (~> 1.3)
 omniauth-oauth (~> 1.0)
 orm_adapter (0.5.0)
- paperclip (4.2.1)
- activemodel (>= 3.0.0)
- activesupport (>= 3.0.0)
- cocaine (~> 0.5.3)
+ paperclip (4.3.0)
+ activemodel (>= 3.2.0)
+ activesupport (>= 3.2.0)
+ cocaine (~> 0.5.5)
 mime-types
+ mimemagic (= 0.3.0)
 pg (0.17.1)
 plupload-rails (1.2.1)
 rails (>= 3.1)