From b8a5a4338fbf991999653f47e697c89ce7601bd5 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Thu, 1 Apr 2021 21:21:05 +0200 Subject: [PATCH] jekyll: Update the dependencies (security, CVE-2021-28834) This fixes a potential security issue (reported by bundler-audit) by updating kramdown to 2.3.1 for CVE-2021-28834 [0]. [0]: https://github.com/advisories/GHSA-52p9-v744-mwjj --- .../misc/jekyll/basic/Gemfile.lock | 12 +++++----- .../applications/misc/jekyll/basic/gemset.nix | 24 +++++++++---------- .../misc/jekyll/full/Gemfile.lock | 12 +++++----- pkgs/applications/misc/jekyll/full/gemset.nix | 24 +++++++++---------- 4 files changed, 36 insertions(+), 36 deletions(-) diff --git a/pkgs/applications/misc/jekyll/basic/Gemfile.lock b/pkgs/applications/misc/jekyll/basic/Gemfile.lock index 161aeb7720bf..15ef5d3b4c60 100644 --- a/pkgs/applications/misc/jekyll/basic/Gemfile.lock +++ b/pkgs/applications/misc/jekyll/basic/Gemfile.lock @@ -1,7 +1,7 @@ GEM remote: https://rubygems.org/ specs: - activesupport (6.1.3) + activesupport (6.1.3.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -15,14 +15,14 @@ GEM eventmachine (>= 0.12.9) http_parser.rb (~> 0.6.0) eventmachine (1.2.7) - ffi (1.14.2) + ffi (1.15.0) forwardable-extended (2.6.0) gemoji (3.0.1) html-pipeline (2.14.0) activesupport (>= 2) nokogiri (>= 1.4) http_parser.rb (0.6.0) - i18n (1.8.9) + i18n (1.8.10) concurrent-ruby (~> 1.0) jekyll (4.2.0) addressable (~> 2.4) @@ -56,18 +56,18 @@ GEM gemoji (~> 3.0) html-pipeline (~> 2.2) jekyll (>= 3.0, < 5.0) - kramdown (2.3.0) + kramdown (2.3.1) rexml kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) liquid (4.0.3) - listen (3.4.1) + listen (3.5.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.4.0) mini_portile2 (2.5.0) minitest (5.14.4) - nokogiri (1.11.1) + nokogiri (1.11.2) mini_portile2 (~> 2.5.0) racc (~> 1.4) pathutil (0.16.2) diff --git a/pkgs/applications/misc/jekyll/basic/gemset.nix b/pkgs/applications/misc/jekyll/basic/gemset.nix index bda211e6f7aa..fadbf8e32ba8 100644 --- a/pkgs/applications/misc/jekyll/basic/gemset.nix +++ b/pkgs/applications/misc/jekyll/basic/gemset.nix @@ -5,10 +5,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00a4db64g8w5yyk6hzak2nqrmdfvyh5zc9cvnm9gglwbi87ss28h"; + sha256 = "0l0khgrb7zn611xjnmygv5wdxh7wq645f613wldn5397q5w3l9lc"; type = "gem"; }; - version = "6.1.3"; + version = "6.1.3.1"; }; addressable = { dependencies = ["public_suffix"]; @@ -67,10 +67,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15hgiy09i8ywjihyzyvjvk42ivi3kmy6dm21s5sgg9j7y3h3zkkx"; + sha256 = "0nq1fb3vbfylccwba64zblxy96qznxbys5900wd7gm9bpplmf432"; type = "gem"; }; - version = "1.14.2"; + version = "1.15.0"; }; forwardable-extended = { groups = ["default"]; @@ -119,10 +119,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08p6b13p99j1rrcrw1l3v0kb9mxbsvy6nk31r8h4rnszdgzpga32"; + sha256 = "0g2fnag935zn2ggm5cn6k4s4xvv53v2givj1j90szmvavlpya96a"; type = "gem"; }; - version = "1.8.9"; + version = "1.8.10"; }; jekyll = { dependencies = ["addressable" "colorator" "em-websocket" "i18n" "jekyll-sass-converter" "jekyll-watch" "kramdown" "kramdown-parser-gfm" "liquid" "mercenary" "pathutil" "rouge" "safe_yaml" "terminal-table"]; @@ -218,10 +218,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1vmw752c26ny2jwl0npn0gbyqwgz4hdmlpxnsld9qi9xhk5b1qh7"; + sha256 = "0jdbcjv4v7sj888bv3vc6d1dg4ackkh7ywlmn9ln2g9alk7kisar"; type = "gem"; }; - version = "2.3.0"; + version = "2.3.1"; }; kramdown-parser-gfm = { dependencies = ["kramdown"]; @@ -250,10 +250,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0imzd0cb9vlkc3yggl4rph1v1wm4z9psgs4z6aqsqa5hgf8gr9hj"; + sha256 = "0h2v34xhi30w0d9gfzds2w6v89grq2gkpgvmdj9m8x1ld1845xnj"; type = "gem"; }; - version = "3.4.1"; + version = "3.5.1"; }; mercenary = { groups = ["default"]; @@ -291,10 +291,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ajwkqr28hwqbyl1l3czx4a34c88acxywyqp8cjyy0zgsd6sbhj2"; + sha256 = "0b51df8fwadak075cvi17w0nch6qz1r66564qp29qwfj67j9qp0p"; type = "gem"; }; - version = "1.11.1"; + version = "1.11.2"; }; pathutil = { dependencies = ["forwardable-extended"]; diff --git a/pkgs/applications/misc/jekyll/full/Gemfile.lock b/pkgs/applications/misc/jekyll/full/Gemfile.lock index e93f78e83c02..b3d3b9ca4993 100644 --- a/pkgs/applications/misc/jekyll/full/Gemfile.lock +++ b/pkgs/applications/misc/jekyll/full/Gemfile.lock @@ -1,7 +1,7 @@ GEM remote: https://rubygems.org/ specs: - activesupport (6.1.3) + activesupport (6.1.3.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -29,14 +29,14 @@ GEM ruby2_keywords faraday-net_http (1.0.1) fast-stemmer (1.0.2) - ffi (1.14.2) + ffi (1.15.0) forwardable-extended (2.6.0) gemoji (3.0.1) html-pipeline (2.14.0) activesupport (>= 2) nokogiri (>= 1.4) http_parser.rb (0.6.0) - i18n (1.8.9) + i18n (1.8.10) concurrent-ruby (~> 1.0) jekyll (4.2.0) addressable (~> 2.4) @@ -82,7 +82,7 @@ GEM gemoji (~> 3.0) html-pipeline (~> 2.2) jekyll (>= 3.0, < 5.0) - kramdown (2.3.0) + kramdown (2.3.1) rexml kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) @@ -92,7 +92,7 @@ GEM liquid (4.0.3) liquid-c (4.0.0) liquid (>= 3.0.0) - listen (3.4.1) + listen (3.5.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.4.0) @@ -102,7 +102,7 @@ GEM mini_portile2 (2.5.0) minitest (5.14.4) multipart-post (2.1.1) - nokogiri (1.11.1) + nokogiri (1.11.2) mini_portile2 (~> 2.5.0) racc (~> 1.4) octokit (4.20.0) diff --git a/pkgs/applications/misc/jekyll/full/gemset.nix b/pkgs/applications/misc/jekyll/full/gemset.nix index ee348a80c4a1..7a6814aaa32d 100644 --- a/pkgs/applications/misc/jekyll/full/gemset.nix +++ b/pkgs/applications/misc/jekyll/full/gemset.nix @@ -5,10 +5,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00a4db64g8w5yyk6hzak2nqrmdfvyh5zc9cvnm9gglwbi87ss28h"; + sha256 = "0l0khgrb7zn611xjnmygv5wdxh7wq645f613wldn5397q5w3l9lc"; type = "gem"; }; - version = "6.1.3"; + version = "6.1.3.1"; }; addressable = { dependencies = ["public_suffix"]; @@ -174,10 +174,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15hgiy09i8ywjihyzyvjvk42ivi3kmy6dm21s5sgg9j7y3h3zkkx"; + sha256 = "0nq1fb3vbfylccwba64zblxy96qznxbys5900wd7gm9bpplmf432"; type = "gem"; }; - version = "1.14.2"; + version = "1.15.0"; }; forwardable-extended = { groups = ["default"]; @@ -226,10 +226,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08p6b13p99j1rrcrw1l3v0kb9mxbsvy6nk31r8h4rnszdgzpga32"; + sha256 = "0g2fnag935zn2ggm5cn6k4s4xvv53v2givj1j90szmvavlpya96a"; type = "gem"; }; - version = "1.8.9"; + version = "1.8.10"; }; jekyll = { dependencies = ["addressable" "colorator" "em-websocket" "i18n" "jekyll-sass-converter" "jekyll-watch" "kramdown" "kramdown-parser-gfm" "liquid" "mercenary" "pathutil" "rouge" "safe_yaml" "terminal-table"]; @@ -390,10 +390,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1vmw752c26ny2jwl0npn0gbyqwgz4hdmlpxnsld9qi9xhk5b1qh7"; + sha256 = "0jdbcjv4v7sj888bv3vc6d1dg4ackkh7ywlmn9ln2g9alk7kisar"; type = "gem"; }; - version = "2.3.0"; + version = "2.3.1"; }; kramdown-parser-gfm = { dependencies = ["kramdown"]; @@ -468,10 +468,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0imzd0cb9vlkc3yggl4rph1v1wm4z9psgs4z6aqsqa5hgf8gr9hj"; + sha256 = "0h2v34xhi30w0d9gfzds2w6v89grq2gkpgvmdj9m8x1ld1845xnj"; type = "gem"; }; - version = "3.4.1"; + version = "3.5.1"; }; mercenary = { groups = ["default"]; @@ -540,10 +540,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ajwkqr28hwqbyl1l3czx4a34c88acxywyqp8cjyy0zgsd6sbhj2"; + sha256 = "0b51df8fwadak075cvi17w0nch6qz1r66564qp29qwfj67j9qp0p"; type = "gem"; }; - version = "1.11.1"; + version = "1.11.2"; }; octokit = { dependencies = ["faraday" "sawyer"];