From eded08152273cf3eacac1002d41463d97de2e8de Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Mon, 19 Nov 2018 12:20:44 -0800
Subject: Bump nokogiri, loofah, and rack gems for security updates

loofah: CVE-2018-16468:
https://github.com/flavorjones/loofah/issues/154

nokogiri: CVE-2018-14404 and CVE-2018-14567
https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md

rack: CVE-2018-16471
https://github.com/rack/rack/commit/e5d58031b766e49687157b45edab1b8457d972bd

i18n: https://github.com/svenfuchs/i18n/releases

concurrent-ruby: https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md
---
 Gemfile.rails4.lock | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'Gemfile.rails4.lock')

diff --git a/Gemfile.rails4.lock b/Gemfile.rails4.lock
index 657975da2a4..0eacf91cf43 100644
--- a/Gemfile.rails4.lock
+++ b/Gemfile.rails4.lock
@@ -125,9 +125,9 @@ GEM
     concord (0.1.5)
       adamantium (~> 0.2.0)
       equalizer (~> 0.0.9)
-    concurrent-ruby (1.0.5)
-    concurrent-ruby-ext (1.0.5)
-      concurrent-ruby (= 1.0.5)
+    concurrent-ruby (1.1.3)
+    concurrent-ruby-ext (1.1.3)
+      concurrent-ruby (= 1.1.3)
     connection_pool (2.2.2)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
@@ -441,7 +441,7 @@ GEM
       activesupport (>= 4)
       railties (>= 4)
       request_store (~> 1.0)
-    loofah (2.2.2)
+    loofah (2.2.3)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.0)
@@ -471,7 +471,7 @@ GEM
     net-ldap (0.16.0)
     net-ssh (5.0.1)
     netrc (0.11.0)
-    nokogiri (1.8.4)
+    nokogiri (1.8.5)
       mini_portile2 (~> 2.3.0)
     nokogumbo (1.5.0)
       nokogiri
@@ -958,7 +958,7 @@ DEPENDENCIES
   chronic (~> 0.10.2)
   chronic_duration (~> 0.10.6)
   commonmarker (~> 0.17)
-  concurrent-ruby (~> 1.0.5)
+  concurrent-ruby (~> 1.1)
   connection_pool (~> 2.0)
   creole (~> 0.5.0)
   database_cleaner (~> 1.5.0)
-- 
cgit v1.2.3