From ae194ad5bad72e007ae4a4631f31a6f862c8c3b9 Mon Sep 17 00:00:00 2001
From: f
Date: Wed, 29 Jun 2022 18:24:50 -0300
Subject: [PATCH] image_processing
Name: image_processing
Version: 1.12.1
CVE: CVE-2022-24720
GHSA: GHSA-cxf7-qrc5-9446
Criticality: Unknown
URL: https://github.com/janko/image_processing/security/advisories/GHSA-cxf7-qrc5-9446
Title: Remote shell execution vulnerability when applying commands from user input
Solution: upgrade to >= 1.12.2
---
 Gemfile.lock | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index f9f1c1ab..8ccaf3ce 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -205,7 +205,7 @@ GEM
 railties (>= 5.0.0)
 fast_blank (1.0.1-x86_64-linux-musl)
 fast_jsonparser (0.5.0-x86_64-linux-musl)
- ffi (1.15.4-x86_64-linux-musl)
+ ffi (1.15.5-x86_64-linux-musl)
 flamegraph (0.9.5)
 forwardable-extended (2.6.0)
 friendly_id (5.4.2)
@@ -252,7 +252,7 @@ GEM
 icalendar (2.7.1)
 ice_cube (~> 0.16)
 ice_cube (0.16.4)
- image_processing (1.12.1)
+ image_processing (1.12.2)
 mini_magick (>= 4.9.5, < 5)
 ruby-vips (>= 2.0.17, < 3)
 inline_svg (1.7.2)