zax
zax copied to clipboard
vault12
NaCl-based Cryptographic Relay
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.9 to 1.2.10. Release notes Sourced from tzinfo's releases. v1.2.10 Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.3.0 to 1.4.3. Release notes Sourced from rails-html-sanitizer's releases. 1.4.3 / 2022-06-09 Address a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. Prevent the combination of select...
Bumps [rack](https://github.com/rack/rack) from 2.2.3 to 2.2.3.1. Changelog Sourced from rack's changelog. Changelog All notable changes to this project will be documented in this file. For info on how to format...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.7 to 1.13.6. Release notes Sourced from nokogiri's releases. 1.13.6 / 2022-05-08 Security [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to...
Bumps [puma](https://github.com/puma/puma) from 5.3.2 to 5.6.4. Release notes Sourced from puma's releases. 5.6.4 Security Close several HTTP Request Smuggling exploits (CVE-2022-24790) The 5.6.3 release was a mistake (released the wrong...
According to the [specification](http://bit.ly/nacl_relay_spec)(part 3.1, "Alice initiates session), ``` The same client_token requests should return the same relay_token until the handshake attempt expires(1m) ``` For now, it does not seem...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.7 to 1.13.9. Release notes Sourced from nokogiri's releases. 1.13.9 / 2022-10-18 Security [CRuby] Vendored libxml2 is updated to address CVE-2022-2309, CVE-2022-40304, and CVE-2022-40303. See GHSA-2qc6-mcvw-92cw for...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.16.2 to 1.16.5. Release notes Sourced from nokogiri's releases. v1.16.5 / 2024-05-13 Security [CRuby] Vendored libxml2 is updated to address CVE-2024-34459. See GHSA-r95h-9x8f-r3f7 for more information. Dependencies...