summary refs log tree commit homepage
diff options
context:
space:
mode:
-rwxr-xr-xGIT-VERSION-GEN2
-rw-r--r--lib/rainbows/const.rb2
-rw-r--r--rainbows.gemspec6
3 files changed, 5 insertions, 5 deletions
diff --git a/GIT-VERSION-GEN b/GIT-VERSION-GEN
index 366063e..95d54f9 100755
--- a/GIT-VERSION-GEN
+++ b/GIT-VERSION-GEN
@@ -1,7 +1,7 @@
 #!/bin/sh
 
 GVF=GIT-VERSION-FILE
-DEF_VER=v0.91.0.GIT
+DEF_VER=v0.91.1.GIT
 
 LF='
 '
diff --git a/lib/rainbows/const.rb b/lib/rainbows/const.rb
index 4250866..99fb257 100644
--- a/lib/rainbows/const.rb
+++ b/lib/rainbows/const.rb
@@ -3,7 +3,7 @@
 module Rainbows
 
   module Const
-    RAINBOWS_VERSION = '0.91.0'
+    RAINBOWS_VERSION = '0.91.1'
 
     include Unicorn::Const
 
diff --git a/rainbows.gemspec b/rainbows.gemspec
index 0fda618..579088f 100644
--- a/rainbows.gemspec
+++ b/rainbows.gemspec
@@ -41,9 +41,9 @@ Gem::Specification.new do |s|
   s.test_files = test_files
 
   # we need Unicorn for the HTTP parser and process management
-  # The HTTP parser in Unicorn < 0.96.1 did not use the Ruby
-  # API correctly and resulted in a memory leak
-  s.add_dependency(%q<unicorn>, ["~> 0.97.0"])
+  # The HTTP parser in Unicorn <= 0.97.0 was vulnerable to a remote DoS
+  # when exposed directly to untrusted clients.
+  s.add_dependency(%q<unicorn>, ["~> 0.97.1"])
 
   # Unicorn already depends on Rack
   # s.add_dependency(%q<rack>)