You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Nov 27, 2018. It is now read-only.
Bundler could not find compatible versions for gem "mail":
In Gemfile:
mail (~> 2.6.0)
rails (~> 3.2.22.1) was resolved to 3.2.22.1, which depends on
actionmailer (= 3.2.22.1) was resolved to 3.2.22.1, which depends on
mail (~> 2.5.4)
mailman (~> 0.5.1) was resolved to 0.5.1, which depends on
mail (>= 2.0.3)
The reason I need to upgrade is that Mail, below versions 2.6.0, has an SMTP injection vulnerability.
The text was updated successfully, but these errors were encountered:
I have just created a sample Gemfile with nothing else in there but
source "https://rubygems.org"
gem "mailman"
which installs mailman 0.7.3 and mail 2.6.4. Only after adding gem "rails", "3.2.22.2" to the Gemfile, the older mail gem is used. Judging by the contents of my Gemfile.lock and also the output you provided, this is due to a dependency of actionmailer on mail ~> 2.5.4, which does only allow mail versions lower than 2.6 and greater or equal than 2.5.4.
So in order to fix your problem, you would need to update to rails 4. I don't think, there is anything, that mailman could do.
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I'm getting the following error:
The reason I need to upgrade is that Mail, below versions 2.6.0, has an SMTP injection vulnerability.
The text was updated successfully, but these errors were encountered: