From ca455344b8f47dbb60067581d602079032e19f5c Mon Sep 17 00:00:00 2001 From: Victor Koronen Date: Tue, 20 Mar 2018 21:30:40 +0100 Subject: [PATCH] Bump activerecord to address CVE-2016-6317 As reported by `bundler-audit`: > Name: activerecord > Version: 4.2.6 > Advisory: CVE-2016-6317 > Criticality: Unknown > URL: https://groups.google.com/forum/#!topic/rubyonrails-security/rgO20zYW33s > Title: Unsafe Query Generation Risk in Active Record > Solution: upgrade to >= 4.2.7.1 Ref: Ref: Ref:
---
 Gemfile.lock | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index 8b3bcf184..178e4b476 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,25 +1,24 @@
 GEM
 remote: https://rubygems.org/
 specs:
- activemodel (4.2.6)
- activesupport (= 4.2.6)
+ activemodel (4.2.10)
+ activesupport (= 4.2.10)
 builder (~> 3.1)
- activerecord (4.2.6)
- activemodel (= 4.2.6)
- activesupport (= 4.2.6)
+ activerecord (4.2.10)
+ activemodel (= 4.2.10)
+ activesupport (= 4.2.10)
 arel (~> 6.0)
- activesupport (4.2.6)
+ activesupport (4.2.10)
 i18n (~> 0.7)
- json (~> 1.7, >= 1.7.7)
 minitest (~> 5.1)
 thread_safe (~> 0.3, >= 0.3.4)
 tzinfo (~> 1.1)
 addressable (2.4.0)
- arel (6.0.3)
+ arel (6.0.4)
 ast (2.2.0)
 backports (3.6.8)
 bcrypt (3.1.11)
- builder (3.2.2)
+ builder (3.2.3)
 byebug (2.7.0)
 columnize (~> 0.3)
 debugger-linecache (~> 1.2)
@@ -62,8 +61,9 @@ GEM
 faraday_middleware (>= 0.9)
 loofah (>= 2.0)
 sax-machine (>= 1.0)
- i18n (0.7.0)
- json (1.8.3)
+ i18n (0.9.5)
+ concurrent-ruby (~> 1.0)
+ json (1.8.6)
 kgio (2.10.0)
 loofah (2.1.1)
 crass (~> 1.0.2)
@@ -73,7 +73,7 @@ GEM
 mime-types-data (~> 3.2015)
 mime-types-data (3.2016.0221)
 mini_portile2 (2.3.0)
- minitest (5.8.4)
+ minitest (5.11.3)
 multi_json (1.12.1)
 multipart-post (2.0.0)
 nokogiri (1.8.1)
@@ -161,11 +161,11 @@ GEM
 tins (~> 1.0)
 thor (0.19.1)
 thread (0.2.2)
- thread_safe (0.3.5)
+ thread_safe (0.3.6)
 tilt (1.4.1)
 timecop (0.8.0)
 tins (1.6.0)
- tzinfo (1.2.2)
+ tzinfo (1.2.5)
 thread_safe (~> 0.1)
 uglifier (3.0.2)
 execjs (>= 0.3.0, < 3)