Require a higher version of jquery-rails due to CVE-2015-1840

Lower versions of jQuery are affected by security issue CVE-2015-1840.
mschnitzer · Mar 11, 2019 · 37826ac · 37826ac
1 parent a128747
commit 37826ac
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/lightbox2.gemspec b/lightbox2.gemspec
@@ -15,5 +15,5 @@ Gem::Specification.new do |s|
     '*.md',
   ]
 
-  s.add_runtime_dependency 'jquery-rails', '~> 2.0', '>= 2.0.0'
+  s.add_dependency 'jquery-rails', '>= 3.1.3'
 end