Merge pull request #93 from tinymce/hotfix/CVE-2020-14001

Security fix for CVE-2020-14001
This commit is contained in:
Tyler Kelly
2020-08-10 15:15:39 +10:00
committed by GitHub
2 changed files with 24 additions and 16 deletions
+3 -1
View File
@@ -4,10 +4,12 @@
source 'https://rubygems.org'
group :development, :test do
gem 'jekyll', '~> 3.8.4'
gem 'jekyll', '~> 3.9.0'
gem 'jekyll-redirect-from', '~> 0.13.0'
gem 'jekyll-sitemap', '~> 1.2.0'
gem 'redcarpet', '~> 3.4.0'
gem 'kramdown', '~> 2.3.0'
gem 'kramdown-parser-gfm', '~> 1.1.0'
gem 'nokogiri', '~> 1.10.8'
gem "jekyll-last-modified-at", "~> 1.0"
end
+21 -15
View File
@@ -4,31 +4,31 @@ GEM
addressable (2.7.0)
public_suffix (>= 2.0.2, < 5.0)
colorator (1.1.0)
concurrent-ruby (1.1.5)
concurrent-ruby (1.1.7)
em-websocket (0.5.1)
eventmachine (>= 0.12.9)
http_parser.rb (~> 0.6.0)
eventmachine (1.2.7)
ffi (1.11.1)
ffi (1.13.1)
forwardable-extended (2.6.0)
http_parser.rb (0.6.0)
i18n (0.9.5)
concurrent-ruby (~> 1.0)
jekyll (3.8.4)
jekyll (3.9.0)
addressable (~> 2.4)
colorator (~> 1.0)
em-websocket (~> 0.5)
i18n (~> 0.7)
jekyll-sass-converter (~> 1.0)
jekyll-watch (~> 2.0)
kramdown (~> 1.14)
kramdown (>= 1.17, < 3)
liquid (~> 4.0)
mercenary (~> 0.3.3)
pathutil (~> 0.9)
rouge (>= 1.7, < 4)
safe_yaml (~> 1.0)
jekyll-last-modified-at (1.0.1)
jekyll (~> 3.3)
jekyll-last-modified-at (1.3.0)
jekyll (>= 3.7, < 5.0)
posix-spawn (~> 0.3.9)
jekyll-redirect-from (0.13.0)
jekyll (~> 3.3)
@@ -38,24 +38,28 @@ GEM
jekyll (~> 3.3)
jekyll-watch (2.2.1)
listen (~> 3.0)
kramdown (1.17.0)
kramdown (2.3.0)
rexml
kramdown-parser-gfm (1.1.0)
kramdown (~> 2.0)
liquid (4.0.3)
listen (3.2.0)
listen (3.2.1)
rb-fsevent (~> 0.10, >= 0.10.3)
rb-inotify (~> 0.9, >= 0.9.10)
mercenary (0.3.6)
mini_portile2 (2.4.0)
nokogiri (1.10.8)
nokogiri (1.10.10)
mini_portile2 (~> 2.4.0)
pathutil (0.16.2)
forwardable-extended (~> 2.6)
posix-spawn (0.3.13)
public_suffix (4.0.1)
rb-fsevent (0.10.3)
rb-inotify (0.10.0)
posix-spawn (0.3.15)
public_suffix (4.0.5)
rb-fsevent (0.10.4)
rb-inotify (0.10.1)
ffi (~> 1.0)
redcarpet (3.4.0)
rouge (3.12.0)
rexml (3.2.4)
rouge (3.21.0)
safe_yaml (1.0.5)
sass (3.7.4)
sass-listen (~> 4.0.0)
@@ -67,10 +71,12 @@ PLATFORMS
ruby
DEPENDENCIES
jekyll (~> 3.8.4)
jekyll (~> 3.9.0)
jekyll-last-modified-at (~> 1.0)
jekyll-redirect-from (~> 0.13.0)
jekyll-sitemap (~> 1.2.0)
kramdown (~> 2.3.0)
kramdown-parser-gfm (~> 1.1.0)
nokogiri (~> 1.10.8)
redcarpet (~> 3.4.0)