diff options
author | Eric Wong <normalperson@yhbt.net> | 2010-04-19 15:45:44 -0700 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2010-04-19 15:45:44 -0700 |
commit | 85316b09eba1443508e78237b56e42292ab3b127 (patch) | |
tree | 9a287d30c1f8bf879360b0e4267dcda7187be4d3 /rainbows.gemspec | |
parent | 72fdcf1c39c2a143d7abd8d2609e92311edff341 (diff) | |
parent | 3d0558d7c80c63bab48eb561fdb7e3d580428b01 (diff) | |
download | rainbows-85316b09eba1443508e78237b56e42292ab3b127.tar.gz |
* maint: Rainbows! 0.91.1 - use a less-broken parser from Unicorn
Diffstat (limited to 'rainbows.gemspec')
-rw-r--r-- | rainbows.gemspec | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/rainbows.gemspec b/rainbows.gemspec index 0fda618..579088f 100644 --- a/rainbows.gemspec +++ b/rainbows.gemspec @@ -41,9 +41,9 @@ Gem::Specification.new do |s| s.test_files = test_files # we need Unicorn for the HTTP parser and process management - # The HTTP parser in Unicorn < 0.96.1 did not use the Ruby - # API correctly and resulted in a memory leak - s.add_dependency(%q<unicorn>, ["~> 0.97.0"]) + # The HTTP parser in Unicorn <= 0.97.0 was vulnerable to a remote DoS + # when exposed directly to untrusted clients. + s.add_dependency(%q<unicorn>, ["~> 0.97.1"]) # Unicorn already depends on Rack # s.add_dependency(%q<rack>) |