From 54eb8e1e579de72d14b254a0310a88d022c453f7 Mon Sep 17 00:00:00 2001 From: Graham Ashton Date: Tue, 24 Sep 2024 11:56:44 +0100 Subject: [PATCH] Upgrade google-protobuf to fix vulnerability See [1], from which I quote: > When parsing unknown fields in the Protobuf Java Lite and Full library, > a maliciously crafted message can cause a StackOverflow error and lead > to a program crash. [1] https://github.com/gma/nesta/security/dependabot/27 --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 7bcd5fe5..835f9400 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -29,7 +29,7 @@ GEM rack-test (>= 0.5.4) xpath (>= 2.0, < 4.0) ffi (1.15.5) - google-protobuf (3.22.2) + google-protobuf (3.25.5) haml (5.2.2) temple (>= 0.8.0) tilt
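Review bot: The `google-protobuf (3.22.2)` to `google-protobuf (3.25.5)` change in the `Gemfile.lock` hunk at `@@ -29,7 +29,7 @@` is justified in the commit message only by an advisory excerpt about the Protobuf Java Lite and Full library, and by a Dependabot alert link that readers without access to the repository's security settings cannot open. Suggest adding a sentence to the message saying that the Ruby gem falls under the same advisory and that 3.25.5 is the fixed release, and citing the public advisory identifier alongside [1]. The diffstat shows only the lockfile changing, so if google-protobuf is a transitive dependency it would also help to name the gem that pulls it in, so a later reviewer can tell why this version matters.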