Bump Rugged to 0.27.5 for security fixes

See https://github.com/libgit2/libgit2/releases

3 files changed, 8 insertions, 3 deletions

diff --git a/changelogs/unreleased/sh-bump-rugged-0-27-5.yml b/changelogs/unreleased/sh-bump-rugged-0-27-5.yml
new file mode 100644
index 000000000..7fe10d965
--- /dev/null
+++ b/changelogs/unreleased/sh-bump-rugged-0-27-5.yml
@@ -0,0 +1,5 @@
+---
+title: Bump Rugged to 0.27.5 for security fixes
+merge_request: 907
+author:
+type: security
diff --git a/ruby/Gemfile b/ruby/Gemfile
index 1c1d41aea..aced9c0e4 100644
--- a/ruby/Gemfile
+++ b/ruby/Gemfile
@@ -3,7 +3,7 @@ source 'https://rubygems.org'
 # Require bundler >= 1.16.5 to avoid this bug: https://github.com/bundler/bundler/issues/6537
 gem 'bundler', '>= 1.16.5'
 
-gem 'rugged', '~> 0.27.4'
+gem 'rugged', '~> 0.27'
 gem 'github-linguist', '~> 6.1', require: 'linguist'
 gem 'gitlab-markup', '~> 1.6.4'
 gem 'gitaly-proto', '~> 0.116.0', require: 'gitaly'
diff --git a/ruby/Gemfile.lock b/ruby/Gemfile.lock
index 8cbe9f16c..45621905b 100644
--- a/ruby/Gemfile.lock
+++ b/ruby/Gemfile.lock
@@ -123,7 +123,7 @@ GEM
     rubocop-rspec (1.17.0)
       rubocop (>= 0.50.0)
     ruby-progressbar (1.8.3)
-    rugged (0.27.4)
+    rugged (0.27.5)
     sanitize (4.6.6)
       crass (~> 1.0.2)
       nokogiri (>= 1.4.4)
@@ -159,7 +159,7 @@ DEPENDENCIES
   licensee (~> 8.9.0)
   rdoc (~> 4.2)
   rspec
-  rugged (~> 0.27.4)
+  rugged (~> 0.27)
   sentry-raven (~> 2.7.2)
 
 BUNDLED WITH