Update Ruby to version 2.4.4 (#6964)

https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/

> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems

diff --git a/.ruby-version b/.ruby-version
index 437459cd94c9fa59d82c61c0bc8aa36e293b735e..73462a5a13445f66009e00988279d30e55aa8363 100644 (file)
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-2.5.0
+2.5.1

diff --git a/.travis.yml b/.travis.yml
index 576659aafc2b02271209b7a682506a6d8c0d0569..989237a1923b5245d410b7e5ab0cc0cd7ede4125 100644 (file)
--- a/.travis.yml
+++ b/.travis.yml
@@ -39,7 +39,7 @@ addons:
       - yarn
 
 rvm:
-  - 2.4.2
+  - 2.4.3
   - 2.5.0
 
 services:

diff --git a/Dockerfile b/Dockerfile
index 0801f5747f9e357e95880c928b2bf4d2714f4080..5f17c5b89c29efec6140729b1a9e33b32ab1922b 100644 (file)
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM ruby:2.4.3-alpine3.6
+FROM ruby:2.4.4-alpine3.6
 
 LABEL maintainer="https://github.com/tootsuite/mastodon" \
       description="Your self-hosted, globally interconnected microblogging community"