Diffstat (limited to 'rainbows.gemspec')
-rw-r--r--rainbows.gemspec6
1 files changed, 3 insertions, 3 deletions
diff --git a/rainbows.gemspec b/rainbows.gemspec
index 0fda618..579088f 100644
--- a/rainbows.gemspec
+++ b/rainbows.gemspec
@@ -41,9 +41,9 @@ Gem::Specification.new do |s|
   s.test_files = test_files
 
   # we need Unicorn for the HTTP parser and process management
-  # The HTTP parser in Unicorn < 0.96.1 did not use the Ruby
-  # API correctly and resulted in a memory leak
-  s.add_dependency(%q<unicorn>, ["~> 0.97.0"])
+  # The HTTP parser in Unicorn <= 0.97.0 was vulnerable to a remote DoS
+  # when exposed directly to untrusted clients.
+  s.add_dependency(%q<unicorn>, ["~> 0.97.1"])
 
   # Unicorn already depends on Rack
   # s.add_dependency(%q<rack>)
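Review bot: The comment above `s.add_dependency(%q<unicorn>, ["~> 0.97.1"])` names the vulnerable range but does not mark 0.97.1 as a security floor, so a later edit could relax the constraint without noticing. I would add a line such as `# security floor: do not relax below 0.97.1 (first release outside the vulnerable range named above)`. The pessimistic `~> 0.97.1` also keeps the dependency below 0.98, so any later Unicorn parser fix shipped outside 0.97.x needs another gemspec change. That cap looks intentional given the previous `~> 0.97.0`, but it is worth confirming. The `Gem::Specification.new` block starts and ends outside the hunk.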