bump carrierwave

Fixes https://nvd.nist.gov/vuln/detail/CVE-2021-21288 and https://nvd.nist.gov/vuln/detail/CVE-2021-21305

Gemfile.lock

@@ -317,10 +317,11 @@ GEM
     capybara-screenshot (1.0.25)
       capybara (>= 1.0, < 4)
       launchy
-    carrierwave (1.3.1)
+    carrierwave (1.3.2)
       activemodel (>= 4.0.0)
       activesupport (>= 4.0.0)
       mime-types (>= 1.16)
+      ssrf_filter (~> 1.0)
     carrierwave_direct (2.1.0)
       carrierwave (>= 1.0.0)
       fog-aws
@@ -512,7 +513,7 @@ GEM
       domain_name (~> 0.5)
     http_parser.rb (0.6.0)
     httpclient (2.8.3)
-    i18n (1.8.7)
+    i18n (1.8.8)
       concurrent-ruby (~> 1.0)
     i18n-js (3.8.0)
       i18n (>= 0.6.6)
@@ -850,6 +851,7 @@ GEM
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
+    ssrf_filter (1.0.7)
     stackprof (0.2.16)
     stringex (2.8.5)
     structured_warnings (0.4.0)

lib/open_project/patches/carrierwave_sanitized_file.rb

@@ -6,7 +6,7 @@ require 'carrierwave/storage/fog'
 #
 # @todo Upgrade to CarrierWave 2.0.2 to make this patch obsolete.
 
-if Gem.loaded_specs["carrierwave"].version > Gem::Version.new('1.3.1')
+if Gem.loaded_specs["carrierwave"].version > Gem::Version.new('1.3.2')
   raise "Check if these patches of Carrierwave are still required"
 end
 

lib/open_project/patches/fog_file.rb

@@ -1,4 +1,4 @@
-if Gem.loaded_specs["carrierwave"].version > Gem::Version.new('1.3.1')
+if Gem.loaded_specs["carrierwave"].version > Gem::Version.new('1.3.2')
   raise "Check if these patches of Carrierwave are still required"
 end