From 17b139e1410e6ca4ced26eb51939149d4dd5e8fc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juanjo=20Baza=CC=81n?= <jjbazan@gmail.com>
Date: Wed, 11 Jul 2018 19:03:33 +0200
Subject: [PATCH] updates sprockets

address vulnerability in sprockets CVE-2018-3760.  https://groups.google.com/forum/#!topic/ruby-security-ann/2S9Pwz2i16k
---
 Gemfile      | 2 +-
 Gemfile.lock | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/Gemfile b/Gemfile
index be4ee12f167..f812d800d37 100644
--- a/Gemfile
+++ b/Gemfile
@@ -46,7 +46,7 @@ gem 'sass-rails', '~> 5.0', '>= 5.0.4'
 gem 'savon', '~> 2.11.1'
 gem 'sitemap_generator', '~> 6.0.1'
 gem 'social-share-button', '~> 1.1'
-gem 'sprockets', '~> 3.7.1'
+gem 'sprockets', '~> 3.7.2'
 gem 'turbolinks', '~> 2.5.3'
 gem 'turnout', '~> 2.4.0'
 gem 'uglifier', '~> 4.1.2'
diff --git a/Gemfile.lock b/Gemfile.lock
index d4ddaa77683..b2d9c7db4e2 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -323,7 +323,7 @@ GEM
     public_suffix (3.0.1)
     quiet_assets (1.1.0)
       railties (>= 3.1, < 5.0)
-    rack (1.6.9)
+    rack (1.6.10)
     rack-accept (0.4.5)
       rack (>= 0.4)
     rack-attack (5.0.1)
@@ -437,7 +437,7 @@ GEM
       activesupport (>= 4.2)
     spring-commands-rspec (1.0.4)
       spring (>= 0.9.1)
-    sprockets (3.7.1)
+    sprockets (3.7.2)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
     sprockets-es6 (0.9.2)
@@ -571,7 +571,7 @@ DEPENDENCIES
   social-share-button (~> 1.1)
   spring (~> 2.0.1)
   spring-commands-rspec (~> 1.0.4)
-  sprockets (~> 3.7.1)
+  sprockets (~> 3.7.2)
   turbolinks (~> 2.5.3)
   turnout (~> 2.4.0)
   uglifier (~> 4.1.2)