SECURITY: update rubyzip dependency

This updates rubyzip library so that callers can trust entries when extracting files avoiding situations where a rogues zip imported by a rogue admin could cause a disk space issue.
2024-11-22 08:57:10 -06:00 · 2019-10-01 17:11:20 +10:00 · 2019-10-01 17:11:20 +10:00 · 0420e8145e
commit 0420e8145e
parent ba0114a6ff
1 changed files with 1 additions and 1 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -353,7 +353,7 @@ GEM
      guess_html_encoding (>= 0.0.4)
      nokogiri (>= 1.6.0)
    ruby_dep (1.5.0)
-    rubyzip (1.2.3)
+    rubyzip (2.0.0)
    safe_yaml (1.0.5)
    sanitize (5.0.0)
      crass (~> 1.0.2)