diff options
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | Gemfile | 2 | ||||
-rw-r--r-- | Gemfile.lock | 4 |
3 files changed, 4 insertions, 3 deletions
diff --git a/CHANGELOG b/CHANGELOG index 4fb867c969b..acad4644f5f 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,7 @@ Please view this file on the master branch, on stable branches it's out of date. v 8.3.0 (unreleased) + - Bump rack-attack to 4.3.1 for security fix (Stan Hu) - API support for starred projects for authorized user (Zeger-Jan van de Weg) - Add open_issues_count to project API (Stan Hu) - Expand character set of usernames created by Omniauth (Corey Hinshaw) @@ -175,7 +175,7 @@ gem "sanitize", '~> 2.0' gem 'babosa', '~> 1.0.2' # Protect against bruteforcing -gem "rack-attack", '~> 4.3.0' +gem "rack-attack", '~> 4.3.1' # Ace editor gem 'ace-rails-ap', '~> 2.0.1' diff --git a/Gemfile.lock b/Gemfile.lock index 4dfff211134..88c7a6e3424 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -507,7 +507,7 @@ GEM rack (1.6.4) rack-accept (0.4.5) rack (>= 0.4) - rack-attack (4.3.0) + rack-attack (4.3.1) rack rack-cors (0.4.0) rack-mount (0.8.3) @@ -908,7 +908,7 @@ DEPENDENCIES poltergeist (~> 1.8.1) pry-rails quiet_assets (~> 1.0.2) - rack-attack (~> 4.3.0) + rack-attack (~> 4.3.1) rack-cors (~> 0.4.0) rack-oauth2 (~> 1.2.1) rails (= 4.2.4) |