Update rubyzip to 1.2.2

There's a CVE in rubyzip 1.2.1 https://www.cvedetails.com/cve/CVE-2017-5946/

Signed-off-by: Tim Smith <tsmith@chef.io>

2 files changed, 9 insertions, 9 deletions

diff --git a/Gemfile.lock b/Gemfile.lock
index f8ab5b592c..1a13c3dffe 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -271,7 +271,7 @@ GEM
     ruby-prof (0.17.0)
     ruby-progressbar (1.10.0)
     ruby-shadow (2.5.0)
-    rubyzip (1.2.1)
+    rubyzip (1.2.2)
     safe_yaml (1.0.4)
     sawyer (0.8.1)
       addressable (>= 2.3.5, < 2.6)
diff --git a/omnibus/Gemfile.lock b/omnibus/Gemfile.lock
index 2317c6f8a5..3e08fd96da 100644
--- a/omnibus/Gemfile.lock
+++ b/omnibus/Gemfile.lock
@@ -31,13 +31,13 @@ GEM
     addressable (2.5.2)
       public_suffix (>= 2.0.2, < 4.0)
     awesome_print (1.8.0)
-    aws-sdk (2.11.118)
-      aws-sdk-resources (= 2.11.118)
-    aws-sdk-core (2.11.118)
+    aws-sdk (2.11.124)
+      aws-sdk-resources (= 2.11.124)
+    aws-sdk-core (2.11.124)
       aws-sigv4 (~> 1.0)
       jmespath (~> 1.0)
-    aws-sdk-resources (2.11.118)
-      aws-sdk-core (= 2.11.118)
+    aws-sdk-resources (2.11.124)
+      aws-sdk-core (= 2.11.124)
     aws-sigv4 (1.0.3)
     berkshelf (7.0.6)
       chef (>= 13.6.52)
@@ -215,7 +215,7 @@ GEM
       net-ssh-gateway (>= 1.2.0)
     net-telnet (0.2.0)
     nori (2.6.0)
-    octokit (4.10.0)
+    octokit (4.11.0)
       sawyer (~> 0.8.0, >= 0.5.3)
     ohai (14.4.2)
       chef-config (>= 12.8, < 15)
@@ -271,7 +271,7 @@ GEM
       rspec-core (>= 2, < 4, != 2.12.0)
     ruby-progressbar (1.10.0)
     rubyntlm (0.6.2)
-    rubyzip (1.2.1)
+    rubyzip (1.2.2)
     sawyer (0.8.1)
       addressable (>= 2.3.5, < 2.6)
       faraday (~> 0.8, < 1.0)
@@ -343,7 +343,7 @@ GEM
     winrm-elevated (1.1.0)
       winrm (~> 2.0)
       winrm-fs (~> 1.0)
-    winrm-fs (1.2.1)
+    winrm-fs (1.3.0)
       erubis (~> 2.7)
       logging (>= 1.6.1, < 3.0)
       rubyzip (~> 1.1)