Bump net-imap from 0.6.4 to 0.6.4.1 in /spec/tester_mongo_rails_6

[dependabot]

Bumps net-imap from 0.6.4 to 0.6.4.1.

Release notes

Sourced from net-imap's releases.

v0.6.4.1

What's Changed

🔒 Security

This release fixes several more security vulnerabilities which are related to the fixes in v0.6.4. Please see the linked security advisories for more information.

• (moderate) Command Injection via non-synchronizing literal in "raw" argument (CVE-2026-47240, GHSA-8p34-64r3-mwg8) This vulnerability depends how the server interprets non-synchronizing literals. The connection is not vulnerable if the server supports non-synchronizing literals.
  • 🥅 Validate non-synchronizing literals support by @​nevans in ruby/net-imap#701
• (moderate) Command Injection via unvalidated ID and ENABLE arguments (CVE-2026-47242, GHSA-46q3-7gv7-qmgg)
  • 🥅 Validate ID values contain only valid bytes by @​nevans in ruby/net-imap#698
  • 🥅 Validate #enable arguments are all atoms by @​nevans in ruby/net-imap#699 NOTE: #enable should never be called with untrusted input.
• (low) Denial of Service via incomplete "raw" argument validation (CVE-2026-47241, GHSA-c4fp-cxrr-mj66) This results in the affected command hanging until the connection is closed. If another thread attempts to send a concurrent pipelined command, the first thread will return with a syntax error and the second thread will hang until the connection closes.
  • Reported by @​fg0x0
  • 🐛 Prevent trailing {0} in RawData validation by @​nevans in ruby/net-imap#700

Added

• 🔍 Add more detail to Net::IMAP#inspect TLS info by @​nevans in ruby/net-imap#674

Fixed

• 🔧 Disallow config.max_non_synchronizing_literal = nil by @​nevans in ruby/net-imap#672
• 🧵 Fix deadlock in #disconnect by @​nevans in ruby/net-imap#686
• 🥅 Validate that Atom and Flag are not empty by @​nevans in ruby/net-imap#684

Documentation

• ⚠️ Boost visibility of raw data argument documentation warnings by @​nevans in ruby/net-imap#677

Other Changes

• 🏷️ Allow 64-bit Integer arguments by @​nevans in ruby/net-imap#675
• 🥅 Ensure send_number_data input is an Integer by @​nevans in ruby/net-imap#676
• ♻️ Improve RawData.new, Add RawData.split by @​nevans in ruby/net-imap#679
• 🏷️ Less strict number string coercion, to match RFCs by @​nevans in ruby/net-imap#680
• 🥅 Validate response literal byte size format by @​nevans in ruby/net-imap#681

Miscellaneous

• ⬆️ Bump step-security/harden-runner from 2.19.0 to 2.19.1 by @​dependabot[bot] in ruby/net-imap#673
• ✅ Improvements to tests' FakeServer by @​nevans in ruby/net-imap#678
• ⬆️ Bump step-security/harden-runner from 2.19.1 to 2.19.3 by @​dependabot[bot] in ruby/net-imap#682
• ⬆️ Bump step-security/harden-runner from 2.19.3 to 2.19.4 by @​dependabot[bot] in ruby/net-imap#683

Full Changelog: ruby/net-imap@v0.6.4...v0.6.4.1

Commits

• 357f3b5 🔖 Bump version to 0.6.4.1
• e066b83 🔀 Merge pull request #701 from ruby/security/validate-non_sync_literal-support
• 0ea9eba ✅ Fix flaky tests for MacOS, TruffleRuby
• 5cad699 🔀 Merge pull request #700 from ruby/security/fix-raw_data-trailing-literal-ma...
• 5a0af4a 🔀 Merge pull request #699 from ruby/security/validate-enable-arguments
• b9d1972 🔀 Merge pull request #698 from ruby/security/validate-quoted-data
• 07e002b ♻️ Use QuotedString internally to send quoted string
• ae9f83b ♻️ Extract str.bytesize lvar in send_literal
• d6ddd29 🐛 Prevent trailing {0} in RawData validation
• 1f97168 🥅 Validate #enable arguments are all atoms
• Additional commits viewable in compare view