gollum: 5.1 -> 5.1.1 (security, CVE-2020-14001)

This also fixes a potential security issue (reported by bundler-audit)
by updating kramdown to 2.3.0 for CVE-2020-14001 [0].

[0]: https://github.com/advisories/GHSA-mqm2-cgpr-p4m6
Michael Weiss 2020-08-13 21:08:06 +02:00
parent 421b2a04b0
commit 6e4042d067
No known key found for this signature in database
GPG Key ID: 5BE487C4D4771D83
2 changed files with 15 additions and 13 deletions


@ -2,17 +2,17 @@ GEM
remote: https://rubygems.org/ remote: https://rubygems.org/
specs: specs:
backports (3.18.1) backports (3.18.1)
concurrent-ruby (1.1.6) concurrent-ruby (1.1.7)
crass (1.0.6) crass (1.0.6)
execjs (2.7.0) execjs (2.7.0)
ffi (1.13.1) ffi (1.13.1)
gemojione (4.3.3) gemojione (4.3.3)
json json
github-markup (3.0.4) github-markup (3.0.4)
gollum (5.1) gollum (5.1.1)
gemojione (~> 4.1) gemojione (~> 4.1)
gollum-lib (~> 5.0) gollum-lib (~> 5.0)
kramdown (~> 2.1.0) kramdown (~> 2.3)
kramdown-parser-gfm (~> 1.0.0) kramdown-parser-gfm (~> 1.0.0)
mustache (>= 0.99.5, < 1.0.0) mustache (>= 0.99.5, < 1.0.0)
octicons (~> 8.5) octicons (~> 8.5)
@ -38,7 +38,8 @@ GEM
mime-types (>= 1.15) mime-types (>= 1.15)
rugged (~> 0.99) rugged (~> 0.99)
json (2.3.1) json (2.3.1)
kramdown (2.1.0) kramdown (2.3.0)
rexml
kramdown-parser-gfm (1.0.1) kramdown-parser-gfm (1.0.1)
kramdown (~> 2.0) kramdown (~> 2.0)
loofah (2.6.0) loofah (2.6.0)
@ -63,7 +64,7 @@ GEM
rb-inotify (0.10.1) rb-inotify (0.10.1)
ffi (~> 1.0) ffi (~> 1.0)
rexml (3.2.4) rexml (3.2.4)
rouge (3.21.0) rouge (3.22.0)
rss (0.2.9) rss (0.2.9)
rexml rexml
ruby2_keywords (0.0.2) ruby2_keywords (0.0.2)


@ -14,10 +14,10 @@
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "094387x4yasb797mv07cs3g6f08y56virc2rjcpb1k79rzaj3nhl"; sha256 = "1vnxrbhi7cq3p4y2v9iwd10v1c7l15is4var14hwnb2jip4fyjzz";
type = "gem"; type = "gem";
}; };
version = "1.1.6"; version = "1.1.7";
}; };
crass = { crass = {
groups = ["default"]; groups = ["default"];
@ -76,10 +76,10 @@
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "06qc6flb2sik64ich3j4a9yky9cqsj77vdjff51wxi4lhd9ga6sk"; sha256 = "14i6y3ilv9l7cqvkawl75js26cfj1pd8cphhmq9lic95ajvdf371";
type = "gem"; type = "gem";
}; };
version = "5.1"; version = "5.1.1";
}; };
gollum-lib = { gollum-lib = {
dependencies = ["gemojione" "github-markup" "gollum-rugged_adapter" "loofah" "nokogiri" "octicons" "rouge" "twitter-text"]; dependencies = ["gemojione" "github-markup" "gollum-rugged_adapter" "loofah" "nokogiri" "octicons" "rouge" "twitter-text"];
@ -114,14 +114,15 @@
version = "2.3.1"; version = "2.3.1";
}; };
kramdown = { kramdown = {
dependencies = ["rexml"];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "1dl840bvx8d9nq6lg3mxqyvbiqnr6lk3jfsm6r8zhz7p5srmd688"; sha256 = "1vmw752c26ny2jwl0npn0gbyqwgz4hdmlpxnsld9qi9xhk5b1qh7";
type = "gem"; type = "gem";
}; };
version = "2.1.0"; version = "2.3.0";
}; };
kramdown-parser-gfm = { kramdown-parser-gfm = {
dependencies = ["kramdown"]; dependencies = ["kramdown"];
@ -286,10 +287,10 @@
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "1agrrmj88k9jkk36ra1ml2c1jffpp595pkxmcla74ac9ia09vn3s"; sha256 = "1wcz7i009wdbymlfsamagqi18m6ih8j60bii0k18f21g70r72i0m";
type = "gem"; type = "gem";
}; };
version = "3.21.0"; version = "3.22.0";
}; };
rss = { rss = {
dependencies = ["rexml"]; dependencies = ["rexml"];