commonmarker

Name: commonmarker Version: 0.21.2 GHSA: GHSA-fmx4-26r3-wxpf Criticality: High URL: https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x Title: Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption Solution: upgrade to >= 0.23.4
2024-11-22 15:36:22 +00:00 · 2022-06-29 18:28:29 -03:00 · 2022-06-29 18:28:29 -03:00 · f18fb0508a
commit f18fb0508a
parent 76d614a93b
1 changed files with 9 additions and 14 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -126,8 +126,7 @@ GEM
    childprocess (4.1.0)
    coderay (1.1.3)
    colorator (1.1.0)
-    commonmarker (0.21.2-x86_64-linux-musl)
-      ruby-enum (~> 0.5)
+    commonmarker (0.23.5-x86_64-linux-musl)
    concurrent-ruby (1.1.9)
    concurrent-ruby-ext (1.1.9-x86_64-linux-musl)
      concurrent-ruby (= 1.1.9)
@ -260,7 +259,7 @@ GEM
      nokogiri (>= 1.6)
    jbuilder (2.11.3)
      activesupport (>= 5.0.0)
-    jekyll (4.2.1)
+    jekyll (4.2.2)
      addressable (~> 2.4)
      colorator (~> 1.0)
      em-websocket (~> 0.5)
@ -275,9 +274,8 @@ GEM
      rouge (~> 3.0)
      safe_yaml (~> 1.0)
      terminal-table (~> 2.0)
-    jekyll-commonmark (1.3.2)
-      commonmarker (~> 0.14, < 0.22)
-      jekyll (>= 3.7, < 5.0)
+    jekyll-commonmark (1.4.0)
+      commonmarker (~> 0.22)
    jekyll-data (1.1.2)
      jekyll (>= 3.3, < 5.0.0)
    jekyll-dotenv (0.2.0)
@ -303,7 +301,7 @@ GEM
    jekyll-order (0.1.4)
    jekyll-relative-urls (0.0.6)
      jekyll (~> 4)
-    jekyll-sass-converter (2.1.0)
+    jekyll-sass-converter (2.2.0)
      sassc (> 2.0.1, < 3.0)
    jekyll-seo-tag (2.7.1)
      jekyll (>= 3.8, < 5.0)
@ -332,7 +330,7 @@ GEM
      activerecord
      kaminari-core (= 1.2.1)
    kaminari-core (1.2.1)
-    kramdown (2.3.1)
+    kramdown (2.4.0)
      rexml
    kramdown-parser-gfm (1.1.0)
      kramdown (~> 2.0)
@ -394,13 +392,12 @@ GEM
    pg_search (2.3.5)
      activerecord (>= 5.2)
      activesupport (>= 5.2)
-    popper_js (1.16.0)
    prometheus_exporter (1.0.0)
      webrick
    pry (0.14.1)
      coderay (~> 1.1)
      method_source (~> 1.0)
-    public_suffix (4.0.6)
+    public_suffix (4.0.7)
    puma (5.6.4-x86_64-linux-musl)
      nio4r (~> 2.0)
    pundit (2.1.1)
@ -459,7 +456,7 @@ GEM
      thor (~> 1.0)
    rainbow (3.0.0)
    rake (13.0.6)
-    rb-fsevent (0.11.0)
+    rb-fsevent (0.11.1)
    rb-inotify (0.10.1)
      ffi (~> 1.0)
    recursero-jekyll-theme (0.2.0)
@ -504,7 +501,7 @@ GEM
      actionpack (>= 5.0)
      railties (>= 5.0)
    rexml (3.2.5)
-    rouge (3.26.1)
+    rouge (3.29.0)
    rubocop (1.23.0)
      parallel (~> 1.10)
      parser (>= 3.0.0.0)
@ -520,8 +517,6 @@ GEM
      activesupport (>= 4.2.0)
      rack (>= 1.1)
      rubocop (>= 1.7.0, < 2.0)
-    ruby-enum (0.9.0)
-      i18n
    ruby-filemagic (0.7.2-x86_64-linux-musl)
    ruby-progressbar (1.11.0)
    ruby-statistics (3.0.0)