Update bundler to 2.2.33

Signed-off-by: Andy Tinkham <andy.tinkham@cyberark.com>
cyberark · Jul 13, 2023 · 502a18a · 502a18a
1 parent 05aa1aa
commit 502a18a
Show file tree

Hide file tree

Showing 7 changed files with 11 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,11 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Nothing should go in this section, please add to the latest unreleased version
  (and update the corresponding date), or add a new version.
 
+## [1.19.3.1] - 2023-07-12
+### Security
+- Update bundler to 2.2.33 to remove CVE-2021-43809
+ [cyberark/conjur#2804](https://github.com/cyberark/conjur/pull/2804/files)
+
 ## [1.19.3] - 2023-04-17
 
 ### Added

diff --git a/Dockerfile.fpm b/Dockerfile.fpm
@@ -5,7 +5,7 @@ RUN apt-get update -y && \
  apt-get install -y zlib1g-dev \
  liblzma-dev
 
-ENV BUNDLER_VERSION 2.2.30
+ENV BUNDLER_VERSION 2.2.33
 RUN gem install --no-document bundler:$BUNDLER_VERSION fpm
 
 RUN mkdir -p /src/opt/conjur/project

diff --git a/ci/coverage-report-generator/Gemfile.lock b/ci/coverage-report-generator/Gemfile.lock
@@ -17,4 +17,4 @@ DEPENDENCIES
  simplecov_json_formatter (= 0.1.4)
 
 BUNDLED WITH
- 2.2.30
+ 2.2.33
diff --git a/ci/coverage-report-generator/run.sh b/ci/coverage-report-generator/run.sh
@@ -7,7 +7,7 @@
 set -xeu
 
 IMAGE="ruby:3.0"
-BUNDLER_VERSION="2.2.30"
+BUNDLER_VERSION="2.2.33"
 
 REPO_ROOT=$(git rev-parse --show-toplevel)
 

diff --git a/docs/Dockerfile b/docs/Dockerfile
@@ -2,7 +2,7 @@ FROM jekyll/jekyll:4.0
 
 ADD Gemfile Gemfile.lock /srv/jekyll/
 
-ENV BUNDLER_VERSION 2.2.30
+ENV BUNDLER_VERSION 2.2.33
 RUN gem install bundler -v $BUNDLER_VERSION
 
 RUN bundle --without development
diff --git a/gems/policy-parser/Dockerfile.test b/gems/policy-parser/Dockerfile.test
@@ -8,6 +8,6 @@ COPY conjur-policy-parser.gemspec conjur-policy-parser.gemspec
 COPY lib/conjur-policy-parser-version.rb lib/conjur-policy-parser-version.rb
 
 # Make sure the expected version of Bundler is available
-ENV BUNDLER_VERSION=2.2.30
+ENV BUNDLER_VERSION=2.2.33
 RUN gem install bundler -v ${BUNDLER_VERSION} && \
  bundle install
diff --git a/gems/policy-parser/conjur-policy-parser.gemspec b/gems/policy-parser/conjur-policy-parser.gemspec
@@ -14,7 +14,7 @@ Gem::Specification.new do |spec|
  spec.add_dependency("activesupport", ">= 4.2")
  spec.add_dependency("safe_yaml")
 
- spec.add_development_dependency("bundler", "~> 2.2.30")
+ spec.add_development_dependency("bundler", "~> 2.2.33")
  spec.add_development_dependency("ci_reporter_rspec")
  spec.add_development_dependency("deepsort")
  spec.add_development_dependency("pry")