From def19b392ba1a0c5afd5800bf2573fa1ee5de6f3 Mon Sep 17 00:00:00 2001
From: Sylvain <bond.never.die@gmail.com>
Date: Tue, 27 Nov 2018 17:25:32 +0100
Subject: [PATCH] [security] updated ffi to fix CVE-2018-1000201

---
 CHANGELOG.md | 1 +
 Gemfile.lock | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f2dffe435..0c8b14feb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,7 @@
 - Fix a security issue: dependency moment < 2.11.2 has a vulnerability as described in [CVE-2016-4055](https://nvd.nist.gov/vuln/detail/CVE-2016-4055)
 - Fix a security issue: dependency moment < 2.19.3 has a vulnerability as described in [CVE-2017-18214](https://nvd.nist.gov/vuln/detail/CVE-2017-18214)
 - Fix a security issue: dependency RubyZip < 1.1.2 has a vulnerability as described in [CVE-2018-1000544](https://nvd.nist.gov/vuln/detail/CVE-2018-1000544)
+- Fix a security issue: dependency ffi < 1.9.24 has a vulnerability as described in [CVE-2018-1000201](https://nvd.nist.gov/vuln/detail/CVE-2018-1000201)
 
 # v2.7.0 2018 November 27
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 2adf89d00..8ff2a8124 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -175,7 +175,7 @@ GEM
       i18n (~> 0.5)
     faraday (0.9.2)
       multipart-post (>= 1.2, < 3)
-    ffi (1.9.8)
+    ffi (1.9.24)
     figaro (1.1.0)
       thor (~> 0.14)
     font-awesome-rails (4.6.3.0)