Merge pull request #1841 from tactilenews/upgrade_puma

Upgrade Puma to fix smuggling vulnerability
tactilenews · May 6, 2024 · f4e0ff9 · f4e0ff9
2 parents 3ab04f3 + 10c6988
commit f4e0ff9
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/Gemfile b/Gemfile
@@ -10,7 +10,7 @@ gem 'rails', '~> 6.1.7.1'
 # Use postgresql as the database for Active Record
 gem 'pg', '>= 0.18', '< 2.0'
 # Use Puma as the app server
-gem 'puma', '~> 6.3.1'
+gem 'puma', '~> 6.4.2'
 # Use Active Storage variant
 gem 'image_processing', '~> 1.12'
 # Reduces boot times through caching; required in config/boot.rb

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -274,7 +274,7 @@ GEM
     pry-rails (0.3.9)
       pry (>= 0.10.4)
     public_suffix (5.0.0)
-    puma (6.3.1)
+    puma (6.4.2)
       nio4r (~> 2.0)
     racc (1.7.3)
     rack (2.2.9)
@@ -466,7 +466,7 @@ DEPENDENCIES
   phony_rails
   postmark-rails
   pry-rails
-  puma (~> 6.3.1)
+  puma (~> 6.4.2)
   rack-attack (~> 6.6)
   rails (~> 6.1.7.1)
   rails-settings-cached (~> 2.8)