Skip to content

dependency: bump puma from 5.5.0 to 5.5.1

George Koltsov requested to merge dependabot-bundler-puma-5.5.1 into master

Bumps puma from 5.5.0 to 5.5.1.

Release notes

Sourced from puma's releases.

5.5.1

https://github.com/puma/puma/security/advisories/GHSA-48w2-rm65-62xx

Changelog

Sourced from puma's changelog.

5.5.1 / 2021-10-12

  • Security
    • Do not allow LF as a line ending in a header (CVE-2021-41136)
Commits


Dependabot commands
You can trigger Dependabot actions by commenting on this MR
  • @dependabot-bot rebase will rebase this MR
  • @dependabot-bot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Merge request reports

Loading