Upgrade google-protobuf to fix vulnerability

See [1], from which I quote: > When parsing unknown fields in the Protobuf Java Lite and Full library, > a maliciously crafted message can cause a StackOverflow error and lead > to a program crash. [1] https://github.com/gma/nesta/security/dependabot/27
gma · Sep 24, 2024 · 54eb8e1 · 54eb8e1
1 parent 1f453a7
commit 54eb8e1
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -29,7 +29,7 @@ GEM
       rack-test (>= 0.5.4)
       xpath (>= 2.0, < 4.0)
     ffi (1.15.5)
-    google-protobuf (3.22.2)
+    google-protobuf (3.25.5)
     haml (5.2.2)
       temple (>= 0.8.0)
       tilt