redcarpet 3.2.2 has an XSS vulnerability

see: http://www.openwall.com/lists/oss-security/2015/04/07/11
2015-04-09 18:20:53 +09:00 · 2015-04-09 18:20:53 +09:00 · 6c98100620
parent 8c8e9b34d5
commit 6c98100620
2 changed files with 3 additions and 3 deletions
--- a/2
+++ b/2
@ -30,7 +30,7 @@ gem 'uglifier', '>= 1.3.0', require: false

 group :doc do
  gem 'sdoc', '~> 0.4.0'
-  gem 'redcarpet', '~> 3.2.2', platforms: :ruby
+  gem 'redcarpet', '~> 3.2.3', platforms: :ruby
  gem 'w3c_validators'
  gem 'kindlerb', '0.1.1'
 end
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -170,7 +170,7 @@ GEM
      loofah (~> 2.0)
    rake (10.4.2)
    rdoc (4.2.0)
-    redcarpet (3.2.2)
+    redcarpet (3.2.3)
    redis (3.2.1)
    redis-namespace (1.5.1)
      redis (~> 3.0, >= 3.0.4)
@ -272,7 +272,7 @@ DEPENDENCIES
  rack-cache (~> 1.2)
  rails!
  rake (>= 10.3)
-  redcarpet (~> 3.2.2)
+  redcarpet (~> 3.2.3)
  resque
  resque-scheduler
  sdoc (~> 0.4.0)