From ccb86fdcd66755cf828c112efbe6b8d7ca327489 Mon Sep 17 00:00:00 2001 From: Allan Souza Date: Sun, 7 Jun 2026 21:34:29 -0300 Subject: [PATCH] Bump puma to 8.0.2 to fix CVE-2026-47736 and CVE-2026-47737 bundler-audit (fresh advisory DB) flagged two High-severity PROXY Protocol v1 vulnerabilities in puma 8.0.1. Update to 8.0.2 as advised. --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5b54abe..d6d65e5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -193,7 +193,7 @@ GEM psych (5.3.1) date stringio - puma (8.0.1) + puma (8.0.2) nio4r (~> 2.0) raabro (1.4.0) racc (1.8.1)