SECURITY: update rubyzip dependency

This updates rubyzip library so that callers can trust entries when extracting files avoiding situations where a rogues zip imported by a rogue admin could cause a disk space issue.
2019-10-01 17:11:20 +10:00 · 2019-10-01 17:11:20 +10:00 · 21e0eebada
commit 21e0eebada
parent f9bdbef16f
1 changed files with 1 additions and 1 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -354,7 +354,7 @@ GEM
      guess_html_encoding (>= 0.0.4)
      nokogiri (>= 1.6.0)
    ruby_dep (1.5.0)
-    rubyzip (1.2.3)
+    rubyzip (2.0.0)
    safe_yaml (1.0.5)
    sanitize (5.0.0)
      crass (~> 1.0.2)