From 976711085d2dacc87569400c0cf8ef744dcf4931 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Tue, 21 Nov 2023 22:43:09 +0100
Subject: redmine: 5.0.5 -> 5.0.6

Fixes CVE-2023-47258, CVE-2023-47259 and CVE-2023-47260.

Changelog:
https://www.redmine.org/projects/redmine/wiki/Changelog_5_0#506-2023-09-30
---
 pkgs/applications/version-management/redmine/Gemfile | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

(limited to 'pkgs/applications/version-management/redmine/Gemfile')

diff --git a/pkgs/applications/version-management/redmine/Gemfile b/pkgs/applications/version-management/redmine/Gemfile
index a00b360e6e04..326f0e0bab0b 100644
--- a/pkgs/applications/version-management/redmine/Gemfile
+++ b/pkgs/applications/version-management/redmine/Gemfile
@@ -3,7 +3,7 @@ source 'https://rubygems.org'
 ruby '>= 2.5.0', '< 3.2.0'
 gem 'bundler', '>= 1.12.0'
 
-gem 'rails', '6.1.7.2'
+gem 'rails', '6.1.7.6'
 gem 'globalid', '~> 0.4.2' if Gem.ruby_version < Gem::Version.new('2.6.0')
 gem 'rouge', '~> 3.28.0'
 gem 'request_store', '~> 1.5.0'
@@ -13,10 +13,16 @@ gem 'roadie-rails', (Gem.ruby_version < Gem::Version.new('2.6.0') ? '~> 2.2.0' :
 gem 'marcel'
 gem "mail", "~> 2.7.1"
 gem 'csv', '~> 3.2.0'
-gem 'nokogiri', (Gem.ruby_version < Gem::Version.new('2.6.0') ? '~> 1.12.5' : '~> 1.13.10')
-gem "rexml"
+gem 'nokogiri', (if Gem.ruby_version < Gem::Version.new('2.6.0')
+                   '~> 1.12.5'
+                 elsif Gem.ruby_version < Gem::Version.new('2.7.0')
+                   '~> 1.13.10'
+                 else
+                   '~> 1.15.2'
+                 end)
+gem "rexml", require: false if Gem.ruby_version >= Gem::Version.new('3.0')
 gem 'i18n', '~> 1.10.0'
-gem 'rbpdf', '~> 1.21.0'
+gem 'rbpdf', '~> 1.21.3'
 gem 'addressable'
 gem 'rubyzip', '~> 2.3.0'
 gem 'net-smtp', '~> 0.3.0'
@@ -70,9 +76,10 @@ end
 
 group :test do
   gem "rails-dom-testing"
-  gem 'mocha', (Gem.ruby_version < Gem::Version.new('2.7.0') ? ['>= 1.4.0', '< 2.0.0'] : '>= 1.4.0')
+  gem 'mocha', '>= 2.0.1'
   gem 'simplecov', '~> 0.21.2', :require => false
   gem "ffi", platforms: [:mri, :mingw, :x64_mingw, :mswin]
+  # For running system tests
   gem 'puma', (Gem.ruby_version < Gem::Version.new('2.7') ? '< 6.0.0' : '>= 0')
   gem 'capybara', (if Gem.ruby_version < Gem::Version.new('2.6')
                      '~> 3.35.3'
-- 
cgit 1.4.1