Update bzip2 from 1.0.6 -> 1.0.8 to resolve CVEs

* bzip2recover: Fix use after free issue with outFile (CVE-2016-3189) * Make sure nSelectors is not out of range (CVE-2019-12900) Signed-off-by: Tim Smith <tsmith@chef.io>
author: Tim Smith <tsmith84@gmail.com> 2019-07-23 13:06:50 -0700
committer: Tim Smith <tsmith84@gmail.com> 2019-07-23 13:06:50 -0700
commit: c3b5017ac6bcf90dce901e2458ee601c3ff9ac0a (patch)
tree: 69da027e8fdc536e8231698182719058ae9074f9
parent: c02307aeafb5ccaf7778196acd99b4eb89ce472d (diff)
download: chef-c3b5017ac6bcf90dce901e2458ee601c3ff9ac0a.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/omnibus/Gemfile.lock b/omnibus/Gemfile.lock
index a5e233c090..e7502e6fe7 100644
--- a/omnibus/Gemfile.lock
+++ b/omnibus/Gemfile.lock
@@ -18,7 +18,7 @@ GIT
 
 GIT
   remote: https://github.com/chef/omnibus-software
-  revision: 9467dfd2f4e7a85764c487b6607db19b28654ac5
+  revision: 2faea6da0188998e86f24fdb5d0ca9acccecb189
   branch: master
   specs:
     omnibus-software (4.0.0)
@@ -32,7 +32,7 @@ GEM
       public_suffix (>= 2.0.2, < 4.0)
     awesome_print (1.8.0)
     aws-eventstream (1.0.3)
-    aws-partitions (1.190.0)
+    aws-partitions (1.191.0)
     aws-sdk-core (3.59.0)
       aws-eventstream (~> 1.0, >= 1.0.2)
       aws-partitions (~> 1.0)
@@ -295,7 +295,7 @@ GEM
     toml-rb (1.1.2)
       citrus (~> 3.0, > 3.0)
     tomlrb (1.2.8)
-    train-core (2.1.13)
+    train-core (2.1.19)
       json (>= 1.8, < 3.0)
       mixlib-shellout (>= 2.0, < 4.0)
       net-scp (>= 1.2, < 3.0)
author	Tim Smith <tsmith84@gmail.com>	2019-07-23 13:06:50 -0700
committer	Tim Smith <tsmith84@gmail.com>	2019-07-23 13:06:50 -0700
commit	c3b5017ac6bcf90dce901e2458ee601c3ff9ac0a (patch)
tree	69da027e8fdc536e8231698182719058ae9074f9
parent	c02307aeafb5ccaf7778196acd99b4eb89ce472d (diff)
download	chef-c3b5017ac6bcf90dce901e2458ee601c3ff9ac0a.tar.gz