Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade rubyzip gem to >= 1.2.1 #834

Closed
briri opened this issue Nov 17, 2017 · 2 comments
Closed

Upgrade rubyzip gem to >= 1.2.1 #834

briri opened this issue Nov 17, 2017 · 2 comments
Assignees
@briri
Labels
bug infrastructure

Comments

@briri
Copy link
Contributor

briri commented Nov 17, 2017

The htmltoword gem is using rubyzip >= 1.0 and we just got notified by GitHub that the dependency has a security vulnerability.

Update both gems, rubyzip to >= 1.2.1 (specify in gemfile if needed) and htmltoword to >0.7.0

screen shot 2017-11-17 at 7 43 22 am
@briri briri self-assigned this Nov 17, 2017
@briri briri mentioned this issue Nov 17, 2017
Merged
@stephaniesimms
Copy link

the security message hasn't disappeared. @briri will ping @vyruss to merge the patch into master.

@stephaniesimms
Copy link

security message is gone so i'll assume this is done. closing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@briri briri

Labels
bug infrastructure
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@briri @stephaniesimms