Fix mini_magick version to >= 4.9.4, due to CVE-2019-13574 vulnerability

2a121bbb · Martin Markech · 5c77aa98 · 2a121bbb · 2a121bbb
Commit 2a121bbb authored Oct 31, 2019 by Martin Markech
--- a/Changelog.md
+++ b/Changelog.md
+## 0.3.0 [unreleased]
+* Fix mini_magick version to >= 4.9.4, due to CVE-2019-13574 vulnerability
+
+
 ## 0.2.0 [29 December 2016]
 * introduce support for Rails 4.2 and Refinery 3.0
 * introduce Strong Parameters protection instead of attr_*

--- a/refinerycms-photo-gallery.gemspec
+++ b/refinerycms-photo-gallery.gemspec
@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
  s.add_dependency    'refinerycms-core',     '~> 3.0.5'
  s.add_dependency    'mime-types'
  s.add_dependency    'carrierwave', '0.6.2'
-  s.add_dependency    'mini_magick'
+  s.add_dependency    'mini_magick', ">= 4.9.4"
  s.add_dependency    'mini_exiftool'

  # Development dependencies