From 0a89d39da6df28681aedd17c0c1a9433da3e1de9 Mon Sep 17 00:00:00 2001
From: Thorsten Eckel <te@zammad.com>
Date: Wed, 19 May 2021 07:58:30 +0000
Subject: [PATCH] Maintenance: Bumped puma to 4.3.8 (CVE-2021-29509).

---
 Gemfile      | 2 +-
 Gemfile.lock | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/Gemfile b/Gemfile
index c9f036aa1..017ae7573 100644
--- a/Gemfile
+++ b/Gemfile
@@ -13,7 +13,7 @@ gem 'json'
 gem 'rails-observers'
 
 # core - application servers
-gem 'puma', '~>3.12', group: :puma
+gem 'puma', '~> 4', group: :puma
 gem 'unicorn', group: :unicorn
 
 # core - supported ORMs
diff --git a/Gemfile.lock b/Gemfile.lock
index e055419bf..fffb27e7f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -384,7 +384,8 @@ GEM
       binding_of_caller (>= 0.7)
       pry (>= 0.9.11)
     public_suffix (3.1.1)
-    puma (3.12.6)
+    puma (4.3.8)
+      nio4r (~> 2.0)
     pundit (2.0.1)
       activesupport (>= 3.0.0)
     pundit-matchers (1.6.0)
@@ -647,7 +648,7 @@ DEPENDENCIES
   pry-remote
   pry-rescue
   pry-stack_explorer
-  puma (~> 3.12)
+  puma (~> 4)
   pundit
   pundit-matchers
   rack-livereload