swanson / stringer / 655
97%
master: 97%

Build:
LAST BUILD BRANCH: dependabot/bundler/nokogiri-1.11.4
DEFAULT BRANCH: master
Ran 24 Jan 2016 09:31AM UTC
Jobs 3
Files 127
Run time 17s
pending completion
655

push

travis-ci

Koronen
Update vulnerable gems

Updates four vulnerable gems, as reported by the `bundler-audit` gem.

- [X] activesupport
- [X] nokogiri
- [X] rack
- [X] rest-client

```
$ bundle-audit check
Name: activesupport
Version: 4.0.13
Advisory: CVE-2015-3227
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/bahr2JLnxvk
Title: Possible Denial of Service attack in Active Support
Solution: upgrade to >= 4.2.2, ~> 4.1.11, ~> 3.2.22

Name: nokogiri
Version: 1.6.1
Advisory: CVE-2015-5312
Criticality: High
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
Title: Nokogiri gem contains several vulnerabilities in libxml2
Solution: upgrade to >= 1.6.7.1

Name: nokogiri
Version: 1.6.1
Advisory: CVE-2015-7499
Criticality: Medium
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM
Title: Nokogiri gem contains a heap-based buffer overflow vulnerability in
       libxml2
Solution: upgrade to >= 1.6.7.2

Name: nokogiri
Version: 1.6.1
Advisory: CVE-2015-1819
Criticality: Unknown
URL: https://github.com/sparklemotion/nokogiri/issues/1374
Title: Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
Solution: upgrade to ~> 1.6.6.4, >= 1.6.7.rc4

Name: nokogiri
Version: 1.6.1
Advisory: 118481
Criticality: Unknown
URL: https://github.com/sparklemotion/nokogiri/pull/1087
Title: Nokogiri Gem for JRuby XML Document Root Element Handling Memory
       Consumption Remote DoS
Solution: upgrade to >= 1.6.3

Name: rack
Version: 1.5.2
Advisory: CVE-2015-3225
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc
Title: Potential Denial of Service Vulnerability in Rack
Solution: upgrade to >= 1.6.2, ~> 1.5.4, ~> 1.4.6

Name: rest-client
Version: 1.6.7
Advisory: CVE-2015-1820
Criticality: Unknown
URL: https://github.com/rest-client/rest-client/issues/369
Title: rubygem-rest-client: session fixation vulnerability via Set-Cookie
       headers in 30x redirection... (continued)
```

2230 of 2292 relevant lines covered (97.29%)

11.29 hits per line

Jobs
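| ID | Job ID | Ran | Files | Coverage | CI job |
|----|--------|-----|-------|----------|--------|
| 1 | 655.1 (2.0.0) | 12 Aug 2014 05:30PM UTC | 0 | 97.29 | Travis Job 655.1 |
| 2 | 655.2 (2.1) | 12 Aug 2014 05:30PM UTC | 0 | 97.29 | Travis Job 655.2 |
| 3 | 655.3 (2.2) | 12 Aug 2014 05:30PM UTC | 0 | 97.29 | Travis Job 655.3 |
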
Source Files on build 655
Detailed source file information is not available for this build.
  • 4884737f on github