Actionmailer security issue

[stvnrlly]

Because it relies on a slightly-older version of mail, it looks like actionmailer is susceptible to mikel/mail#1097. The mail gem is already patched, but it hasn't been pulled in yet.

It looks like another fix might be to update Ruby to 2.4.