swanson / stringer / 654
97%
master: 97%

LAST BUILD BRANCH: dependabot/bundler/nokogiri-1.11.4
DEFAULT BRANCH: master
Ran
Jobs 3
Files 127
Run time 32s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
654

push

travis-ci

Koronen 
Update vulnerable gems

Updates four vulnerable gems, as reported by the `bundler-audit` gem.

- [X] activesupport
- [X] nokogiri
- [X] rack
- [X] rest-client

    $ bundle-audit check
    Name: activesupport
    Version: 4.0.13
    Advisory: CVE-2015-3227
    Criticality: Unknown
    URL: https://groups.google.com/forum/#!topic/rubyonrails-security/bahr2JLnxvk
    Title: Possible Denial of Service attack in Active Support
    Solution: upgrade to >= 4.2.2, ~> 4.1.11, ~> 3.2.22

    Name: nokogiri
    Version: 1.6.1
    Advisory: CVE-2015-5312
    Criticality: High
    URL: https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
    Title: Nokogiri gem contains several vulnerabilities in libxml2
    Solution: upgrade to >= 1.6.7.1

    Name: nokogiri
    Version: 1.6.1
    Advisory: CVE-2015-7499
    Criticality: Medium
    URL: https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM
    Title: Nokogiri gem contains a heap-based buffer overflow vulnerability in
           libxml2
    Solution: upgrade to >= 1.6.7.2

    Name: nokogiri
    Version: 1.6.1
    Advisory: CVE-2015-1819
    Criticality: Unknown
    URL: https://github.com/sparklemotion/nokogiri/issues/1374
    Title: Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
    Solution: upgrade to ~> 1.6.6.4, >= 1.6.7.rc4

    Name: nokogiri
    Version: 1.6.1
    Advisory: 118481
    Criticality: Unknown
    URL: https://github.com/sparklemotion/nokogiri/pull/1087
    Title: Nokogiri Gem for JRuby XML Document Root Element Handling Memory
           Consumption
    Remote DoS
    Solution: upgrade to >= 1.6.3

    Name: rack
    Version: 1.5.2
    Advisory: CVE-2015-3225
    Criticality: Unknown
    URL: https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc
    Title: Potential Denial of Service Vulnerability in Rack
    Solution: upgrade to >= 1.6.2, ~> 1.5.4, ~> 1.4.6

    Name: rest-client
    Version: 1.6.7
    Advisory: CVE-2015-... (continued)

2230 of 2292 relevant lines covered (97.29%)

11.29 hits per line

Jobs
ID Job ID Ran Files Coverage
1 654.1 (2.0.0) 0
97.29
 Travis Job 654.1
2 654.2 (2.1) 0
97.29
 Travis Job 654.2
3 654.3 (2.2) 0
97.29
 Travis Job 654.3
Source Files on build 654
Detailed source file information is not available for this build.