Depend on newest gollum-lib for patched sanitize version

HISTORY.md

@@ -1,3 +1,11 @@
+# 4.1.4 /2018-01-10
+
+* Depend on new version of gollum-lib that relies on a patched version of sanitize, which solves a vulnerability (CVE-2018-3740). See https://github.com/gollum/gollum-lib/pull/296.
+
+# 4.1.3 /2018-17-09
+
+* Solves a vulnerability in the File view and All Pages view that would allow XSS.
+
 # 4.1.2 /2017-08-07
 
 * Lock to a newer version of gollum-lib to avoid installing an outdated and vulnerable dependency (nokogiri) on ruby 2.0. See https://github.com/gollum/gollum-lib/pull/279. Note: this breaks semantic versioning so those using outdated rubies will discover the problem on update.

gollum.gemspec

@@ -5,8 +5,8 @@ Gem::Specification.new do |s|
   s.required_ruby_version = '>= 1.9'
 
   s.name              = 'gollum'
-  s.version           = '4.1.3'
-  s.date              = '2018-09-17'
+  s.version           = '4.1.4'
+  s.date              = '2018-10-01'
   s.rubyforge_project = 'gollum'
   s.license           = 'MIT'
 
@@ -24,7 +24,7 @@ Gem::Specification.new do |s|
   s.rdoc_options = ['--charset=UTF-8']
   s.extra_rdoc_files = %w[README.md LICENSE]
 
-  s.add_dependency 'gollum-lib', '>= 4.2.9'
+  s.add_dependency 'gollum-lib', '~> 4.2', '>= 4.2.10'
   s.add_dependency 'kramdown', '~> 1.9.0'
   s.add_dependency 'sinatra', '~> 1.4', '>= 1.4.4'
   s.add_dependency 'mustache', ['>= 0.99.5', '< 1.0.0']
@@ -44,6 +44,7 @@ Gem::Specification.new do |s|
     CONTRIBUTING.md
     Gemfile
     HISTORY.md
+    ISSUE_TEMPLATE.md
     LICENSE
     README.md
     Rakefile