Merge branch '6-8-2' into '6-8-stable'v6.8.26-8-stable

6.8.2 release

Please check if I didn't do this weird git thing wrong ;-)

/cc @marin @jacobvosmaer

4 files changed, 34 insertions, 30 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 185e5df46c7..443c3dab2b4 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,6 @@
+v 6.8.2
+  - Bump rails to 4.0.5 in light of CVE-2014-0130
+
 v 6.8.1
   - Bump required gitlab-shell version to 1.9.3
 
diff --git a/Gemfile b/Gemfile
index 4ab1ab50eb9..b8c38bea5c7 100644
--- a/Gemfile
+++ b/Gemfile
@@ -148,7 +148,7 @@ gem "rack-attack"
 # Ace editor
 gem 'ace-rails-ap'
 
-gem "sass-rails"
+gem "sass-rails", '~> 4.0.2'
 gem "coffee-rails"
 gem "uglifier"
 gem "therubyracer"
@@ -232,4 +232,4 @@ end
 
 group :production do
   gem "gitlab_meta", '6.0'
-end
\ No newline at end of file
+end
diff --git a/Gemfile.lock b/Gemfile.lock
index 155e03e5456..68cf63e4560 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -2,26 +2,26 @@ GEM
   remote: https://rubygems.org/
   specs:
     ace-rails-ap (2.0.1)
-    actionmailer (4.0.3)
-      actionpack (= 4.0.3)
+    actionmailer (4.0.5)
+      actionpack (= 4.0.5)
       mail (~> 2.5.4)
-    actionpack (4.0.3)
-      activesupport (= 4.0.3)
+    actionpack (4.0.5)
+      activesupport (= 4.0.5)
       builder (~> 3.1.0)
       erubis (~> 2.7.0)
       rack (~> 1.5.2)
       rack-test (~> 0.6.2)
-    activemodel (4.0.3)
-      activesupport (= 4.0.3)
+    activemodel (4.0.5)
+      activesupport (= 4.0.5)
       builder (~> 3.1.0)
-    activerecord (4.0.3)
-      activemodel (= 4.0.3)
+    activerecord (4.0.5)
+      activemodel (= 4.0.5)
       activerecord-deprecated_finders (~> 1.0.2)
-      activesupport (= 4.0.3)
+      activesupport (= 4.0.5)
       arel (~> 4.0.0)
     activerecord-deprecated_finders (1.0.3)
-    activesupport (4.0.3)
-      i18n (~> 0.6, >= 0.6.4)
+    activesupport (4.0.5)
+      i18n (~> 0.6, >= 0.6.9)
       minitest (~> 4.2)
       multi_json (~> 1.3)
       thread_safe (~> 0.1)
@@ -280,7 +280,7 @@ GEM
     mime-types (1.25.1)
     mini_portile (0.5.3)
     minitest (4.7.5)
-    multi_json (1.9.2)
+    multi_json (1.10.0)
     multi_xml (0.5.5)
     multipart-post (1.2.0)
     mysql2 (0.3.11)
@@ -350,13 +350,13 @@ GEM
       rack
     rack-test (0.6.2)
       rack (>= 1.0)
-    rails (4.0.3)
-      actionmailer (= 4.0.3)
-      actionpack (= 4.0.3)
-      activerecord (= 4.0.3)
-      activesupport (= 4.0.3)
+    rails (4.0.5)
+      actionmailer (= 4.0.5)
+      actionpack (= 4.0.5)
+      activerecord (= 4.0.5)
+      activesupport (= 4.0.5)
       bundler (>= 1.3.0, < 2.0)
-      railties (= 4.0.3)
+      railties (= 4.0.5)
       sprockets-rails (~> 2.0.0)
     rails-observers (0.1.2)
       activemodel (~> 4.0)
@@ -369,9 +369,9 @@ GEM
       i18n
       require_all
       ruby-progressbar
-    railties (4.0.3)
-      actionpack (= 4.0.3)
-      activesupport (= 4.0.3)
+    railties (4.0.5)
+      actionpack (= 4.0.5)
+      activesupport (= 4.0.5)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     raindrops (0.12.0)
@@ -428,11 +428,12 @@ GEM
     safe_yaml (0.9.7)
     sanitize (2.1.0)
       nokogiri (>= 1.4.4)
-    sass (3.2.12)
-    sass-rails (4.0.1)
+    sass (3.2.19)
+    sass-rails (4.0.3)
       railties (>= 4.0.0, < 5.0)
-      sass (>= 3.1.10)
-      sprockets-rails (~> 2.0.0)
+      sass (~> 3.2.0)
+      sprockets (~> 2.8, <= 2.11.0)
+      sprockets-rails (~> 2.0)
     sdoc (0.3.20)
       json (>= 1.1.3)
       rdoc (~> 3.10)
@@ -479,7 +480,7 @@ GEM
       spring (>= 0.9.1)
     spring-commands-spinach (1.0.0)
       spring (>= 0.9.1)
-    sprockets (2.10.1)
+    sprockets (2.11.0)
       hike (~> 1.2)
       multi_json (~> 1.0)
       rack (~> 1.0)
@@ -634,7 +635,7 @@ DEPENDENCIES
   redis-rails
   rspec-rails
   sanitize (~> 2.0)
-  sass-rails
+  sass-rails (~> 4.0.2)
   sdoc
   seed-fu
   select2-rails
diff --git a/VERSION b/VERSION
index 5f6c0863ac4..166d79d6d6f 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-6.8.1
+6.8.2