diff options
| author | Daigo 3 Dango <zunda@users.noreply.github.com> | 2021-04-09 00:31:36 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-04-09 02:31:36 +0200 |
| commit | 3f8d0de82e15f80f1dfbd4d93f721b2853538774 (patch) | |
| tree | f4eef45776865cdfd661ad7d5563dc5bd2970234 | |
| parent | 3f2533ca8e2465fbc742df02741e7dbe633d0da0 (diff) | |
Upgrade Ruby to 2.7.3 (#16004)
* Upgrade Ruby to 2.7.3 https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/ includes security fixes to - CVE-2021-28965: XML round-trip vulnerability in REXML - CVE-2021-28966: Path traversal in Tempfile on Windows * Update rexml to 3.2.5 https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
| -rw-r--r-- | .ruby-version | 2 | ||||
| -rw-r--r-- | Dockerfile | 2 | ||||
| -rw-r--r-- | Gemfile.lock | 4 |
3 files changed, 4 insertions, 4 deletions
diff --git a/.ruby-version b/.ruby-version index 37c2961c2..2c9b4ef42 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -2.7.2 +2.7.3 diff --git a/Dockerfile b/Dockerfile index 962e5a8c9..ee0fc6e69 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,7 +26,7 @@ RUN ARCH= && \ mv node-v$NODE_VER-linux-$ARCH /opt/node # Install Ruby -ENV RUBY_VER="2.7.2" +ENV RUBY_VER="2.7.3" RUN apt-get update && \ apt-get install -y --no-install-recommends build-essential \ bison libyaml-dev libgdbm-dev libreadline-dev libjemalloc-dev \ diff --git a/Gemfile.lock b/Gemfile.lock index 5ac7c0923..fecaee7f5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -436,7 +436,7 @@ GEM parallel (1.20.1) parallel_tests (3.6.0) parallel - parser (3.0.0.0) + parser (3.0.1.0) ast (~> 2.4.1) parslet (2.0.0) pastel (0.8.0) @@ -529,7 +529,7 @@ GEM responders (3.0.1) actionpack (>= 5.0) railties (>= 5.0) - rexml (3.2.4) + rexml (3.2.5) rotp (6.2.0) rpam2 (4.0.2) rqrcode (1.2.0) |