evil-winrm: Update gems to fix rexml vulnerability (#392400)

Author: SuperSandro2000

pkgs/by-name/ev/evil-winrm/Gemfile.lock

@@ -2,30 +2,32 @@ GEM
   remote: https://rubygems.org/
   specs:
     base64 (0.2.0)
-    bigdecimal (3.1.8)
+    bigdecimal (3.1.9)
     builder (3.3.0)
-    erubi (1.13.0)
-    ffi (1.17.0)
-    fileutils (1.7.2)
+    erubi (1.13.1)
+    ffi (1.17.1)
+    fileutils (1.7.3)
     gssapi (1.3.1)
       ffi (>= 1.0.1)
     gyoku (1.4.0)
       builder (>= 2.1.2)
       rexml (~> 3.0)
-    httpclient (2.8.3)
+    httpclient (2.9.0)
+      mutex_m
     little-plugger (1.1.4)
-    logger (1.6.1)
+    logger (1.6.6)
     logging (2.4.0)
       little-plugger (~> 1.1)
       multi_json (~> 1.14)
     multi_json (1.15.0)
+    mutex_m (0.3.0)
     nori (2.7.1)
       bigdecimal
-    rexml (3.3.8)
+    rexml (3.4.1)
     rubyntlm (0.6.5)
       base64
-    rubyzip (2.3.2)
-    stringio (3.1.1)
+    rubyzip (2.4.1)
+    stringio (3.1.5)
     winrm (2.3.9)
       builder (>= 2.1.2)
       erubi (~> 1.8)
@@ -53,4 +55,4 @@ DEPENDENCIES
   winrm-fs
 
 BUNDLED WITH
-   2.2.24
+   2.6.2

pkgs/by-name/ev/evil-winrm/gemset.nix

@@ -14,10 +14,10 @@
     platforms = [ ];
     source = {
       remotes = [ "https://rubygems.org" ];
-      sha256 = "1gi7zqgmqwi5lizggs1jhc3zlwaqayy9rx2ah80sxy24bbnng558";
+      sha256 = "1k6qzammv9r6b2cw3siasaik18i6wjc5m0gw5nfdc6jj64h79z1g";
       type = "gem";
     };
-    version = "3.1.8";
+    version = "3.1.9";
   };
   builder = {
     groups = [ "default" ];
@@ -34,30 +34,30 @@
     platforms = [ ];
     source = {
       remotes = [ "https://rubygems.org" ];
-      sha256 = "0qnd6ff4az22ysnmni3730c41b979xinilahzg86bn7gv93ip9pw";
+      sha256 = "1naaxsqkv5b3vklab5sbb9sdpszrjzlfsbqpy7ncbnw510xi10m0";
       type = "gem";
     };
-    version = "1.13.0";
+    version = "1.13.1";
   };
   ffi = {
     groups = [ "default" ];
     platforms = [ ];
     source = {
       remotes = [ "https://rubygems.org" ];
-      sha256 = "07139870npj59jnl8vmk39ja3gdk3fb5z9vc0lf32y2h891hwqsi";
+      sha256 = "0fgwn1grxf4zxmyqmb9i4z2hr111585n9jnk17y6y7hhs7dv1xi6";
       type = "gem";
     };
-    version = "1.17.0";
+    version = "1.17.1";
   };
   fileutils = {
     groups = [ "default" ];
     platforms = [ ];
     source = {
       remotes = [ "https://rubygems.org" ];
-      sha256 = "0c86k3027r896wsgvjgdx27kg5d2x4479bc6ni93w9hq88rgp81n";
+      sha256 = "1nmmbvqxssmn9cav5x5sxcw9ab3vqpskdy3nbmsqfjk99f2iw9sp";
       type = "gem";
     };
-    version = "1.7.2";
+    version = "1.7.3";
   };
   gssapi = {
     dependencies = [ "ffi" ];
@@ -85,14 +85,15 @@
     version = "1.4.0";
   };
   httpclient = {
+    dependencies = [ "mutex_m" ];
     groups = [ "default" ];
     platforms = [ ];
     source = {
       remotes = [ "https://rubygems.org" ];
-      sha256 = "19mxmvghp7ki3klsxwrlwr431li7hm1lczhhj8z4qihl2acy8l99";
+      sha256 = "1j4qwj1nv66v3n9s4xqf64x2galvjm630bwa5xngicllwic5jr2b";
       type = "gem";
     };
-    version = "2.8.3";
+    version = "2.9.0";
   };
   little-plugger = {
     groups = [ "default" ];
@@ -109,10 +110,10 @@
     platforms = [ ];
     source = {
       remotes = [ "https://rubygems.org" ];
-      sha256 = "0lwncq2rf8gm79g2rcnnyzs26ma1f4wnfjm6gs4zf2wlsdz5in9s";
+      sha256 = "05s008w9vy7is3njblmavrbdzyrwwc1fsziffdr58w9pwqj8sqfx";
       type = "gem";
     };
-    version = "1.6.1";
+    version = "1.6.6";
   };
   logging = {
     dependencies = [
@@ -138,6 +139,16 @@
     };
     version = "1.15.0";
   };
+  mutex_m = {
+    groups = [ "default" ];
+    platforms = [ ];
+    source = {
+      remotes = [ "https://rubygems.org" ];
+      sha256 = "0l875dw0lk7b2ywa54l0wjcggs94vb7gs8khfw9li75n2sn09jyg";
+      type = "gem";
+    };
+    version = "0.3.0";
+  };
   nori = {
     dependencies = [ "bigdecimal" ];
     groups = [ "default" ];
@@ -154,10 +165,10 @@
     platforms = [ ];
     source = {
       remotes = [ "https://rubygems.org" ];
-      sha256 = "0rr145mvjgc4n28lfy0gw87aw3ab680h83bdi5i102ik8mixk3zn";
+      sha256 = "1jmbf6lf7pcyacpb939xjjpn1f84c3nw83dy3p1lwjx0l2ljfif7";
       type = "gem";
     };
-    version = "3.3.8";
+    version = "3.4.1";
   };
   rubyntlm = {
     dependencies = [ "base64" ];
@@ -175,20 +186,20 @@
     platforms = [ ];
     source = {
       remotes = [ "https://rubygems.org" ];
-      sha256 = "0grps9197qyxakbpw02pda59v45lfgbgiyw48i0mq9f2bn9y6mrz";
+      sha256 = "05an0wz87vkmqwcwyh5rjiaavydfn5f4q1lixcsqkphzvj7chxw5";
       type = "gem";
     };
-    version = "2.3.2";
+    version = "2.4.1";
   };
   stringio = {
     groups = [ "default" ];
     platforms = [ ];
     source = {
       remotes = [ "https://rubygems.org" ];
-      sha256 = "07mfqb40b2wh53k33h91zva78f9zwcdnl85jiq74wnaw2wa6wiak";
+      sha256 = "1j1mgvrgkxhadi6nb6pz1kcff7gsb5aivj1vfhsia4ssa5hj9adw";
       type = "gem";
     };
-    version = "3.1.1";
+    version = "3.1.5";
   };
   winrm = {
     dependencies = [

pkgs/by-name/ev/evil-winrm/package.nix

@@ -3,6 +3,7 @@
 , fetchFromGitHub
 , makeWrapper
 , bundlerEnv
+, bundlerUpdateScript
 }:
 
 stdenv.mkDerivation rec {
@@ -36,6 +37,8 @@ stdenv.mkDerivation rec {
     cp evil-winrm.rb $out/bin/evil-winrm
   '';
 
+  passthru.updateScript = bundlerUpdateScript "evil-winrm";
+
   meta = with lib; {
     description = "WinRM shell for hacking/pentesting";
     mainProgram = "evil-winrm";