From 8ab62f88f833a38470f1f5ef48100ebf88546f91 Mon Sep 17 00:00:00 2001 From: Denis Talakevich Date: Thu, 29 Apr 2021 19:15:03 +0300 Subject: [PATCH] fix vulnerability rexml CVE-2021-28965 Name: rexml Version: 3.2.4 Advisory: CVE-2021-28965 Criticality: Unknown URL: https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/ Title: XML round-trip vulnerability in REXML Solution: upgrade to >= 3.2.5 --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6c1bd15e2..b6fb31f88 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -440,7 +440,7 @@ GEM responders (2.4.0) actionpack (>= 4.2.0, < 5.3) railties (>= 4.2.0, < 5.3) - rexml (3.2.4) + rexml (3.2.5) rspec (3.7.0) rspec-core (~> 3.7.0) rspec-expectations (~> 3.7.0)
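Review bot: the fixed version is recorded only in the lock file. The `rexml (3.2.5)` line in the Gemfile.lock hunk at `@@ -440,7 +440,7 @@` is the only change, and the diffstat shows 1 file changed, so the advisory's "upgrade to >= 3.2.5" floor is not expressed as a constraint anywhere. If Gemfile.lock is regenerated or the conflict is resolved by hand during a merge, nothing stops 3.2.4 from coming back. Consider adding an explicit floor to the Gemfile, for example `gem 'rexml', '>= 3.2.5'`, which works as a minimum even if rexml is only a transitive dependency. It would also help to state in the commit message whether the application parses and re-serializes untrusted XML with REXML, since the message lists Criticality as Unknown and that is what determines exposure to the round-trip issue described in the linked advisory.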