Fixing vulnerabilities in old versions of gems

Gemfile

@@ -24,7 +24,7 @@ gem 'rswag-api'
 gem 'rswag-ui'
 
 # CSS framework
-gem "bootstrap", ">= 4.3.1"
+gem "bootstrap", ">= 4.6.2"
 gem 'material-sass', '4.1.1'
 
 # Icons used by bootstrap/material-sass
@@ -52,7 +52,7 @@ gem 'csv_shaper'                   # CSV export
 gem 'gibbon', '~>1.2.0'            # for Mailchimp newsletter subscriptions
 
 # Maps
-gem 'leaflet-rails', '>= 1.7.0'
+gem 'leaflet-rails', '>= 1.9.2'
 gem 'rails-assets-leaflet.markercluster', source: 'https://rails-assets.org'
 
 gem 'pg'
@@ -119,7 +119,7 @@ gem 'xmlrpc' # fixes rake error - can be removed if not needed later
 
 gem 'puma'
 
-gem 'loofah', '>= 2.2.1'
+gem 'loofah', '>= 2.19.1'
 gem 'rack-protection', '>= 2.0.1'
 
 # Member to member messaging system

Gemfile.lock

@@ -351,7 +351,7 @@ GEM
     listen (3.7.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    loofah (2.19.0)
+    loofah (2.19.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
@@ -661,7 +661,7 @@ DEPENDENCIES
   better_errors
   bluecloth
   bonsai-elasticsearch-rails
-  bootstrap (>= 4.3.1)
+  bootstrap (>= 4.6.2)
   bootstrap-datepicker-rails
   bootstrap_form (>= 4.5.0)
   bullet
@@ -703,10 +703,10 @@ DEPENDENCIES
   js-routes
   jsonapi-resources
   jsonapi-swagger
-  leaflet-rails (>= 1.7.0)
+  leaflet-rails (>= 1.9.2)
   letter_opener
   listen
-  loofah (>= 2.2.1)
+  loofah (>= 2.19.1)
   mailboxer (>= 0.15.1)
   material-sass (= 4.1.1)
   material_icons
@@ -756,7 +756,7 @@ DEPENDENCIES
   xmlrpc
 
 RUBY VERSION
-    ruby 3.1.3p185
+   ruby 3.1.3p185
 
 BUNDLED WITH
-    2.3.26
+   2.3.26