From f332432c3a6bb0f88cc0658fdfa49faffdf17efa Mon Sep 17 00:00:00 2001
From: Laura Filmeyer <filmeyer.dev@gmail.com>
Date: Tue, 29 Oct 2024 20:03:43 -0400
Subject: [PATCH] fix CVE-2024-49761

---
 backend/Gemfile      | 2 +-
 backend/Gemfile.lock | 6 ++----
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/backend/Gemfile b/backend/Gemfile
index 70639f22..cec3b6e8 100644
--- a/backend/Gemfile
+++ b/backend/Gemfile
@@ -18,7 +18,7 @@ gem 'pundit'
 gem 'rack', '~> 2.0'
 gem 'rack-cors', '~> 2.0'
 gem 'rails', '~> 7.1.4'
-gem 'rexml', '>= 3.3.3'
+gem 'rexml', '>= 3.3.9'
 gem 'sendgrid-actionmailer'
 gem 'sprockets-rails'
 gem 'sucker_punch', '~> 3.0'
diff --git a/backend/Gemfile.lock b/backend/Gemfile.lock
index 9ae57295..abd2944f 100644
--- a/backend/Gemfile.lock
+++ b/backend/Gemfile.lock
@@ -242,8 +242,7 @@ GEM
     responders (3.1.1)
       actionpack (>= 5.2)
       railties (>= 5.2)
-    rexml (3.3.6)
-      strscan
+    rexml (3.3.9)
     rspec-core (3.13.0)
       rspec-support (~> 3.13.0)
     rspec-expectations (3.13.1)
@@ -296,7 +295,6 @@ GEM
       activesupport (>= 6.1)
       sprockets (>= 3.0.0)
     stringio (3.1.1)
-    strscan (3.1.0)
     sucker_punch (3.2.0)
       concurrent-ruby (~> 1.0)
     syntax_suggest (2.0.0)
@@ -347,7 +345,7 @@ DEPENDENCIES
   rack (~> 2.0)
   rack-cors (~> 2.0)
   rails (~> 7.1.4)
-  rexml (>= 3.3.3)
+  rexml (>= 3.3.9)
   rspec-rails (~> 6.0.0)
   rubocop
   rubocop-rails