diff --git a/README.md b/README.md
index 8282d167..44498522 100644
--- a/README.md
+++ b/README.md
@@ -5,6 +5,8 @@ gollum -- A git-based Wiki
 [![Build Status](https://travis-ci.org/gollum/gollum.svg?branch=master)](https://travis-ci.org/gollum/gollum)
 [![Open Source Helpers](https://www.codetriage.com/gollum/gollum/badges/users.svg)](https://www.codetriage.com/gollum/gollum)
+**Please update to gollum 5.1.1 to counter a recent exploit in the kramdown rendering gem, [CVE-2020-14001](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14001)**
+
 **Gollum version 5.0 is out!** See [here](https://github.com/gollum/gollum/wiki/5.0-release-notes) for a list of changes and new features compared to Gollum version 4.x, and see some [Screenshots](https://github.com/gollum/gollum/wiki/Screenshots) of Gollum's features.
 ## DESCRIPTION
diff --git a/gollum.gemspec b/gollum.gemspec
index 7d5d7da9..0aff4a5f 100644
--- a/gollum.gemspec
+++ b/gollum.gemspec
@@ -5,8 +5,8 @@ Gem::Specification.new do |s|
 s.required_ruby_version = '>= 1.9'
 s.name = 'gollum'
- s.version = '5.1'
- s.date = '2020-08-03'
+ s.version = '5.1.1'
+ s.date = '2020-08-11'
 s.license = 'MIT'
 s.summary = 'A simple, Git-powered wiki.'
@@ -24,7 +24,7 @@ Gem::Specification.new do |s|
 s.extra_rdoc_files = %w[README.md LICENSE]
 s.add_dependency 'gollum-lib', '~> 5.0'
- s.add_dependency 'kramdown', '~> 2.1.0'
+ s.add_dependency 'kramdown', '~> 2.3'
 s.add_dependency 'kramdown-parser-gfm', '~> 1.0.0'
 s.add_dependency 'sinatra', '~> 2.0'
 s.add_dependency 'sinatra-contrib', '~> 2.0'
diff --git a/lib/gollum.rb b/lib/gollum.rb
index d4580768..6308f17a 100644
--- a/lib/gollum.rb
+++ b/lib/gollum.rb
@@ -12,7 +12,7 @@ require 'rhino' if RUBY_PLATFORM == 'java'
 require File.expand_path('../gollum/uri_encode_component', __FILE__)
 module Gollum
- VERSION = '5.1'
+ VERSION = '5.1.1'
 def self.assets_path
 ::File.expand_path('gollum/public', ::File.dirname(__FILE__))
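Review bot: The raised `kramdown` floor in the second gollum.gemspec hunk is a security fix, but nothing on the line records that, so a later dependency cleanup could relax it again without noticing. `~> 2.3` resolves to `>= 2.3, < 3.0`, and 2.3.0 is the release that stopped honouring the `template` option from inside documents (CVE-2020-14001), so the bound itself looks right. I would put `# kramdown >= 2.3.0 required: fixes CVE-2020-14001 (template option processed from document content)` directly above `s.add_dependency 'kramdown', '~> 2.3'`. The constraint only affects dependency resolution, so deployments with a lockfile pinned to 2.1.x stay exposed until kramdown itself is updated; the README notice could say that alongside "update to gollum 5.1.1". The `Gem::Specification.new` block starts and ends outside this hunk, so whether other declared dependencies also constrain kramdown is not visible here.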