Skip to content

Commit

Permalink
redmine: 5.1.4 -> 5.1.5
Browse files Browse the repository at this point in the history
Update Redmine and also used gems.

Updating gems fixes the following CVEs:

  * CVE-2024-53985
  * CVE-2024-53986
  * CVE-2024-53987
  * CVE-2024-53988
  * CVE-2024-53989

The following vulnerabilities remain:

  * CVE-2024-54133
  * GHSA-r95h-9x8f-r3f7

Signed-off-by: Felix Singer <[email protected]>
  • Loading branch information
felixsinger committed Dec 21, 2024
1 parent dba9da8 commit 3dff40d
Show file tree
Hide file tree
Showing 3 changed files with 65 additions and 62 deletions.
46 changes: 24 additions & 22 deletions pkgs/by-name/re/redmine/Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -78,18 +78,19 @@ GEM
regexp_parser (>= 1.5, < 3.0)
xpath (~> 3.2)
chunky_png (1.4.0)
commonmarker (0.23.10)
commonmarker (0.23.11)
concurrent-ruby (1.3.4)
crass (1.0.6)
css_parser (1.19.1)
css_parser (1.21.0)
addressable
csv (3.2.9)
date (3.4.0)
date (3.4.1)
deckar01-task_list (2.3.2)
html-pipeline
docile (1.4.1)
erubi (1.13.0)
ffi (1.17.0)
ffi (1.17.0-x86_64-linux-gnu)
globalid (1.2.1)
activesupport (>= 6.1)
html-pipeline (2.13.2)
Expand All @@ -98,12 +99,12 @@ GEM
htmlentities (4.3.4)
i18n (1.14.6)
concurrent-ruby (~> 1.0)
json (2.7.5)
json (2.9.0)
language_server-protocol (3.17.0.3)
listen (3.9.0)
rb-fsevent (~> 0.10, >= 0.10.3)
rb-inotify (~> 0.9, >= 0.9.10)
logger (1.6.1)
logger (1.6.3)
loofah (2.23.1)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
Expand All @@ -117,9 +118,9 @@ GEM
method_source (1.1.0)
mini_magick (4.12.0)
mini_mime (1.1.5)
mini_portile2 (2.8.7)
minitest (5.25.1)
mocha (2.5.0)
mini_portile2 (2.8.8)
minitest (5.25.4)
mocha (2.7.1)
ruby2_keywords (>= 0.0.5)
mysql2 (0.5.6)
net-imap (0.3.7)
Expand All @@ -133,16 +134,16 @@ GEM
net-smtp (0.3.4)
net-protocol
nio4r (2.7.4)
nokogiri (1.15.6)
nokogiri (1.15.7)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
parallel (1.26.3)
parser (3.3.5.1)
parser (3.3.6.0)
ast (~> 2.4.1)
racc
pg (1.5.9)
public_suffix (6.0.1)
puma (6.4.3)
puma (6.5.0)
nio4r (~> 2.0)
racc (1.8.1)
rack (2.2.10)
Expand All @@ -167,9 +168,9 @@ GEM
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.6.0)
rails-html-sanitizer (1.6.2)
loofah (~> 2.21)
nokogiri (~> 1.14)
nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
railties (6.1.7.10)
actionpack (= 6.1.7.10)
activesupport (= 6.1.7.10)
Expand All @@ -186,10 +187,10 @@ GEM
rbpdf-font (~> 1.19.0)
rbpdf-font (1.19.1)
redcarpet (3.6.0)
regexp_parser (2.9.2)
regexp_parser (2.9.3)
request_store (1.5.1)
rack (>= 1.4)
rexml (3.3.9)
rexml (3.4.0)
roadie (5.2.1)
css_parser (~> 1.4)
nokogiri (~> 1.15)
Expand All @@ -213,7 +214,7 @@ GEM
rubocop-ast (>= 1.28.1, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 3.0)
rubocop-ast (1.33.1)
rubocop-ast (1.37.0)
parser (>= 3.3.1.0)
rubocop-performance (1.19.1)
rubocop (>= 1.7.0, < 2.0)
Expand All @@ -229,7 +230,7 @@ GEM
sanitize (6.1.3)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
selenium-webdriver (4.26.0)
selenium-webdriver (4.27.0)
base64 (~> 0.2)
logger (~> 1.4)
rexml (~> 3.2, >= 3.2.5)
Expand All @@ -251,11 +252,11 @@ GEM
sqlite3 (1.6.9)
mini_portile2 (~> 2.8.0)
thor (1.3.2)
timeout (0.4.1)
timeout (0.4.3)
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
unicode-display_width (2.6.0)
webrick (1.9.0)
webrick (1.9.1)
websocket (1.2.11)
websocket-driver (0.7.6)
websocket-extensions (>= 0.1.0)
Expand All @@ -266,10 +267,11 @@ GEM
xpath (3.2.0)
nokogiri (~> 1.8)
yard (0.9.37)
zeitwerk (2.6.18)
zeitwerk (2.7.1)

PLATFORMS
ruby
x86_64-linux

DEPENDENCIES
actionpack-xml_parser
Expand Down Expand Up @@ -319,7 +321,7 @@ DEPENDENCIES
yard

RUBY VERSION
ruby 3.1.6p260
ruby 3.3.5p100

BUNDLED WITH
2.5.9
2.5.22
76 changes: 38 additions & 38 deletions pkgs/by-name/re/redmine/gemset.nix
Original file line number Diff line number Diff line change
Expand Up @@ -198,10 +198,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1lb5slzbqrca49h0gaifg82xky5r7i9xgm4560pin1xl5fp15lzx";
sha256 = "1gyjwd7in1nlf8zai2fxazxi8cy6xjzswdcjway520blb39ka7cx";
type = "gem";
};
version = "0.23.10";
version = "0.23.11";
};
concurrent-ruby = {
groups = ["common_mark" "default" "test"];
Expand Down Expand Up @@ -229,10 +229,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "17i0fn99kswvfps8r698zw2cr16rc98xdrl0d26y36rv3vhdqh0r";
sha256 = "0625073hwx41c246v9dvkp0rk0xgh9d0sc0gm73dbmlxnjwgalv7";
type = "gem";
};
version = "1.19.1";
version = "1.21.0";
};
csv = {
groups = ["default"];
Expand All @@ -249,10 +249,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "04d7l3xdmkybrd20gayf8s38pgfld0hf8m726lz9np32xnnsszrf";
sha256 = "0kz6mc4b9m49iaans6cbx031j9y7ldghpi5fzsdh0n3ixwa8w9mz";
type = "gem";
};
version = "3.4.0";
version = "3.4.1";
};
deckar01-task_list = {
dependencies = ["html-pipeline"];
Expand Down Expand Up @@ -353,10 +353,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0pkcvzvarzs5y87srla1m6rgng8mm7y4gnshlpawddsci3rlhd7b";
sha256 = "1kvbzh8530pp3qf63zvx9hnb708x7plv9wfn5ibns3h3knnvs3kw";
type = "gem";
};
version = "2.7.5";
version = "2.9.0";
};
language_server-protocol = {
groups = ["default" "test"];
Expand Down Expand Up @@ -384,10 +384,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0lwncq2rf8gm79g2rcnnyzs26ma1f4wnfjm6gs4zf2wlsdz5in9s";
sha256 = "1574gi74z5pww36rv0jvqlv9ybm87h7c37fb5r2axn3mbh0wwcs5";
type = "gem";
};
version = "1.6.1";
version = "1.6.3";
};
loofah = {
dependencies = ["crass" "nokogiri"];
Expand Down Expand Up @@ -474,31 +474,31 @@
}];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1q1f2sdw3y3y9mnym9dhjgsjr72sq975cfg5c4yx7gwv8nmzbvhk";
sha256 = "0x8asxl83msn815lwmb2d7q5p29p7drhjv5va0byhk60v9n16iwf";
type = "gem";
};
version = "2.8.7";
version = "2.8.8";
};
minitest = {
groups = ["common_mark" "default" "test"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1n1akmc6bibkbxkzm1p1wmfb4n9vv397knkgz0ffykb3h1d7kdix";
sha256 = "0izrg03wn2yj3gd76ck7ifbm9h2kgy8kpg4fk06ckpy4bbicmwlw";
type = "gem";
};
version = "5.25.1";
version = "5.25.4";
};
mocha = {
dependencies = ["ruby2_keywords"];
groups = ["test"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "05vp9kfz8d8wmclpkc9vj67ic1f7p1d5m2kd7xm4rvz8ci85jlkq";
sha256 = "0lgqyxxdxgfik77a7lk2hjkr6flimgxr4gcbg3y7bg1ybn6m6zcg";
type = "gem";
};
version = "2.5.0";
version = "2.7.1";
};
mysql2 = {
groups = ["default"];
Expand Down Expand Up @@ -588,10 +588,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "023f2j0q8makgmmfj4pv2fhwgcbh9y8s678za1cb68ry9fdpkkkh";
sha256 = "16w64l83ycfwbaqyw06j8c8l8r30xy33lkv761516byix5nzl3ls";
type = "gem";
};
version = "1.15.6";
version = "1.15.7";
};
parallel = {
groups = ["default" "test"];
Expand All @@ -609,10 +609,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0rbc2ggfw9cwscv1f9dl39a85vl5gysy7sprfagxlanxp01l8k5p";
sha256 = "0fxw738al3qxa4s4ghqkxb908sav03i3h7xflawwmxzhqiyfdm15";
type = "gem";
};
version = "3.3.5.1";
version = "3.3.6.0";
};
pg = {
groups = ["default"];
Expand Down Expand Up @@ -648,10 +648,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0gml1rixrfb0naciq3mrnqkpcvm9ahgps1c04hzxh4b801f69914";
sha256 = "1wl9q4fl8gvhwdpfxghx6jdqi4508287pcgiwi96sdbzmdfbglcl";
type = "gem";
};
version = "6.4.3";
version = "6.5.0";
};
racc = {
groups = ["common_mark" "default" "test"];
Expand Down Expand Up @@ -712,10 +712,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1pm4z853nyz1bhhqr7fzl44alnx4bjachcr6rh6qjj375sfz3sc6";
sha256 = "0q55i6mpad20m2x1lg5pkqfpbmmapk0sjsrvr1sqgnj2hb5f5z1m";
type = "gem";
};
version = "1.6.0";
version = "1.6.2";
};
railties = {
dependencies = ["actionpack" "activesupport" "method_source" "rake" "thor"];
Expand Down Expand Up @@ -805,10 +805,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0ik40vcv7mqigsfpqpca36hpmnx0536xa825ai5qlkv3mmkyf9ss";
sha256 = "0yb3iycaj3krvlnicijm99qxvfbrbi0pd81i2cpdhjc3xmbhcqjb";
type = "gem";
};
version = "2.9.2";
version = "2.9.3";
};
request_store = {
dependencies = ["rack"];
Expand All @@ -826,10 +826,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1j9p66pmfgxnzp76ksssyfyqqrg7281dyi3xyknl3wwraaw7a66p";
sha256 = "1ch4k2y80r4glr579kxliqnxld2qa91ydq8fiqam38bzpbps3gpg";
type = "gem";
};
version = "3.3.9";
version = "3.4.0";
};
roadie = {
dependencies = ["css_parser" "nokogiri"];
Expand Down Expand Up @@ -911,10 +911,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0dvmlnmz173xwvcijgmkibga4viwz8xnm36j6lnxp6nik5pphm47";
sha256 = "10604xc4bcji3ca43anlc89xwxb4wkzk69cia95x04zima4aq4wm";
type = "gem";
};
version = "1.33.1";
version = "1.37.0";
};
rubocop-performance = {
dependencies = ["rubocop" "rubocop-ast"];
Expand Down Expand Up @@ -985,10 +985,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1406irn0zgxasqha9l64w7h2kjxivys7hagdlnk40n8fwpzjc15v";
sha256 = "1q5nbszbxz566yzyiv0a4lvfk56q89k0lk4mqp6wyddrc2nz88c8";
type = "gem";
};
version = "4.26.0";
version = "4.27.0";
};
simplecov = {
dependencies = ["docile" "simplecov-html" "simplecov_json_formatter"];
Expand Down Expand Up @@ -1077,10 +1077,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "16mvvsmx90023wrhf8dxc1lpqh0m8alk65shb7xcya6a9gflw7vg";
sha256 = "03p31w5ghqfsbz5mcjzvwgkw3h9lbvbknqvrdliy8pxmn9wz02cm";
type = "gem";
};
version = "0.4.1";
version = "0.4.3";
};
tzinfo = {
dependencies = ["concurrent-ruby"];
Expand Down Expand Up @@ -1108,10 +1108,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0r79mir4phdmcx0l4yqfwfzdy8vgvrl4ym07585rd2b401bhrrcy";
sha256 = "12d9n8hll67j737ym2zw4v23cn4vxyfkb6vyv1rzpwv6y6a3qbdl";
type = "gem";
};
version = "1.9.0";
version = "1.9.1";
};
websocket = {
groups = ["default" "test"];
Expand Down Expand Up @@ -1181,9 +1181,9 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "10cpfdswql21vildiin0q7drg5zfzf2sahnk9hv3nyzzjqwj2bdx";
sha256 = "0mi7b90hvc6nqv37q27df4i2m27yy56yfy2ki5073474a1h9hi89";
type = "gem";
};
version = "2.6.18";
version = "2.7.1";
};
}
Loading

0 comments on commit 3dff40d

Please sign in to comment.