From 1767a04be7afb5f94a7fad27371c6c58cd89a347 Mon Sep 17 00:00:00 2001
From: Louise Crow <louise.crow@gmail.com>
Date: Mon, 18 Mar 2013 12:21:23 -0700
Subject: [PATCH] Upgrade to Rails 2.3.18 to get fixes for CVE-2013-1855,
 CVE-2013-1856, CVE-2013-1857.

---
 Gemfile               |  2 +-
 Gemfile.lock          | 34 +++++++++++++++++-----------------
 config/environment.rb |  2 +-
 3 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/Gemfile b/Gemfile
index 72f773b2..387e283b 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,7 +1,7 @@
 source :rubygems
 
 # A fork of rails that is kept up to date with security patches
-git "git://github.com/mysociety/rails.git", :tag => "v2.3.17.1" do
+git "git://github.com/mysociety/rails.git", :tag => "v2.3.18.1" do
   gem 'rails'
 end
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 168da4fa..79f2b16e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,24 +1,24 @@
 GIT
   remote: git://github.com/mysociety/rails.git
-  revision: 893560c501f2c3eda044938840108431dcf6ab91
-  tag: v2.3.17.1
+  revision: c0d325a13e133b14d2faa01053226cd77c1378a7
+  tag: v2.3.18.1
   specs:
-    actionmailer (2.3.17)
-      actionpack (= 2.3.17)
-    actionpack (2.3.17)
-      activesupport (= 2.3.17)
+    actionmailer (2.3.18)
+      actionpack (= 2.3.18)
+    actionpack (2.3.18)
+      activesupport (= 2.3.18)
       rack (~> 1.1.0)
-    activerecord (2.3.17)
-      activesupport (= 2.3.17)
-    activeresource (2.3.17)
-      activesupport (= 2.3.17)
-    activesupport (2.3.17)
-    rails (2.3.17)
-      actionmailer (= 2.3.17)
-      actionpack (= 2.3.17)
-      activerecord (= 2.3.17)
-      activeresource (= 2.3.17)
-      activesupport (= 2.3.17)
+    activerecord (2.3.18)
+      activesupport (= 2.3.18)
+    activeresource (2.3.18)
+      activesupport (= 2.3.18)
+    activesupport (2.3.18)
+    rails (2.3.18)
+      actionmailer (= 2.3.18)
+      actionpack (= 2.3.18)
+      activerecord (= 2.3.18)
+      activeresource (= 2.3.18)
+      activesupport (= 2.3.18)
       rake (>= 0.8.3)
 
 GEM
diff --git a/config/environment.rb b/config/environment.rb
index ca5d08c1..4006e2aa 100644
--- a/config/environment.rb
+++ b/config/environment.rb
@@ -1,7 +1,7 @@
 # Be sure to restart your server when you modify this file
 
 # Specifies gem version of Rails to use when vendor/rails is not present
-RAILS_GEM_VERSION = '2.3.17' unless defined? RAILS_GEM_VERSION
+RAILS_GEM_VERSION = '2.3.18' unless defined? RAILS_GEM_VERSION
 
 # Bootstrap the Rails environment, frameworks, and default configuration
 require File.join(File.dirname(__FILE__), 'boot')