From 8f4c254d75664f8e0fd025288c36ac08e26c42c6 Mon Sep 17 00:00:00 2001
From: Sylvain <sylvain@sleede.com>
Date: Wed, 4 May 2022 10:36:57 +0200
Subject: [PATCH] (security) updated ruby to 2.6.10

---
 .ruby-version | 2 +-
 CHANGELOG.md  | 1 +
 Dockerfile    | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.ruby-version b/.ruby-version
index 9f45c9eeb..7213b446a 100644
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-ruby-2.6.7
+ruby-2.6.10
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3e7c2daf0..5662d464e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,7 @@
 
 - when generating an avoir, the option "by_wallet" is not present anymore if wallet module is off
 - Fix a bug: edge case of birthday in the future in seeds.rb, we should use Date.current instead of DateTime.current since birthday is a date (see https://github.com/sleede/fab-manager/issues/344)
+- Fix a security issue: updated ruby to 2.6.10 to fix [CVE-2022-28739](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28739)
 
 ## v5.3.13 2022 May 02
 
diff --git a/Dockerfile b/Dockerfile
index 4a94e3190..f8381188c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM ruby:2.6.9-alpine
+FROM ruby:2.6.10-alpine
 MAINTAINER contact@fab-manager.com
 
 # Install upgrade system packages