diff --git a/.rubocop.yml b/.rubocop.yml
index c571667..20c7f2f 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -2,8 +2,13 @@ inherit_gem:
   citizens-advice-style:
     - default.yml
 
+# Not a Rails project
+RSpecRails:
+  Enabled: false
+
 RSpec/MultipleExpectations:
   Enabled: false
 
 RSpec/ExampleLength:
   Enabled: false
+
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 27a9cde..a82c72b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # CHANGELOG
 
+## v4.3.1 _29 February 2024_
+
+- Rack security fixes
+
 ## v4.3.0 _11 January 2024_
 
 - Update to Ruby 3.3.0
diff --git a/Gemfile b/Gemfile
index 315d03f..df1f936 100644
--- a/Gemfile
+++ b/Gemfile
@@ -16,7 +16,7 @@ gem "redis"
 gem "newrelic_rpm"
 
 group :development do
-  gem "citizens-advice-style", github: "citizensadvice/citizens-advice-style-ruby", tag: "v10.0.1"
+  gem "citizens-advice-style", github: "citizensadvice/citizens-advice-style-ruby", tag: "v11.0.0"
   gem "debug"
   gem "rack-test"
   gem "rspec"
diff --git a/Gemfile.lock b/Gemfile.lock
index 294552e..2152d2a 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,12 +1,13 @@
 GIT
   remote: https://github.com/citizensadvice/citizens-advice-style-ruby.git
-  revision: ca09fc508ee68c238428d4558701a766f1e12c79
-  tag: v10.0.1
+  revision: 6762c3c2185d457e090147ce04facaa5a3e71249
+  tag: v11.0.0
   specs:
-    citizens-advice-style (10.0.1)
-      rubocop (~> 1.45)
-      rubocop-rails (~> 2.17)
-      rubocop-rspec (~> 2.18)
+    citizens-advice-style (11.0.0)
+      rubocop (~> 1.62)
+      rubocop-performance (~> 1.20)
+      rubocop-rails (~> 2.24)
+      rubocop-rspec (~> 2.27)
 
 GEM
   remote: https://rubygems.org/
@@ -25,22 +26,21 @@ GEM
       public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
     base64 (0.2.0)
-    bigdecimal (3.1.6)
+    bigdecimal (3.1.7)
     concurrent-ruby (1.2.3)
     connection_pool (2.4.1)
     crack (1.0.0)
       bigdecimal
       rexml
-    debug (1.9.1)
+    debug (1.9.2)
       irb (~> 1.10)
       reline (>= 0.3.8)
     diff-lcs (1.5.1)
     domain_name (0.6.20240107)
-    drb (2.2.0)
-      ruby2_keywords
+    drb (2.2.1)
     ffi (1.16.3)
-    ffi-compiler (1.0.1)
-      ffi (>= 1.0.0)
+    ffi-compiler (1.3.2)
+      ffi (>= 1.15.5)
       rake
     hashdiff (1.1.0)
     http (5.2.0)
@@ -52,36 +52,35 @@ GEM
     http-cookie (1.0.5)
       domain_name (~> 0.5)
     http-form_data (2.3.0)
-    i18n (1.14.1)
+    i18n (1.14.4)
       concurrent-ruby (~> 1.0)
     io-console (0.7.2)
-    irb (1.11.2)
+    irb (1.12.0)
       rdoc
       reline (>= 0.4.2)
-    json (2.7.1)
+    json (2.7.2)
     language_server-protocol (3.17.0.3)
     llhttp-ffi (0.5.0)
       ffi-compiler (~> 1.0)
       rake (~> 13.0)
-    minitest (5.22.2)
+    minitest (5.22.3)
     multi_json (1.15.0)
     mustermann (3.0.0)
       ruby2_keywords (~> 0.0.1)
     mutex_m (0.2.0)
-    newrelic_rpm (9.7.1)
-    nio4r (2.7.0)
+    newrelic_rpm (9.8.0)
+    nio4r (2.7.1)
     parallel (1.24.0)
     parser (3.3.0.5)
       ast (~> 2.4.1)
       racc
-    prism (0.24.0)
     psych (5.1.2)
       stringio
-    public_suffix (5.0.4)
+    public_suffix (5.0.5)
     puma (6.4.2)
       nio4r (~> 2.0)
     racc (1.7.3)
-    rack (3.0.9.1)
+    rack (3.0.10)
     rack-protection (4.0.0)
       base64 (>= 0.1.0)
       rack (>= 3.0.0, < 4)
@@ -93,15 +92,15 @@ GEM
       rack (>= 3)
       webrick (~> 1.8)
     rainbow (3.1.1)
-    rake (13.1.0)
-    rdoc (6.6.2)
+    rake (13.2.1)
+    rdoc (6.6.3.1)
       psych (>= 4.0.0)
     redis (5.1.0)
       redis-client (>= 0.17.0)
-    redis-client (0.20.0)
+    redis-client (0.21.1)
       connection_pool
     regexp_parser (2.9.0)
-    reline (0.4.3)
+    reline (0.5.1)
       io-console (~> 0.5)
     rexml (3.2.6)
     rspec (3.13.0)
@@ -117,7 +116,7 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
     rspec-support (3.13.1)
-    rubocop (1.61.0)
+    rubocop (1.63.0)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
@@ -125,25 +124,30 @@ GEM
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.30.0, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.31.0)
+    rubocop-ast (1.31.2)
       parser (>= 3.3.0.4)
-      prism (>= 0.24.0)
     rubocop-capybara (2.20.0)
       rubocop (~> 1.41)
     rubocop-factory_bot (2.25.1)
       rubocop (~> 1.41)
-    rubocop-rails (2.23.1)
+    rubocop-performance (1.21.0)
+      rubocop (>= 1.48.1, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
+    rubocop-rails (2.24.1)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
       rubocop (>= 1.33.0, < 2.0)
-      rubocop-ast (>= 1.30.0, < 2.0)
-    rubocop-rspec (2.26.1)
+      rubocop-ast (>= 1.31.1, < 2.0)
+    rubocop-rspec (2.29.1)
       rubocop (~> 1.40)
       rubocop-capybara (~> 2.17)
       rubocop-factory_bot (~> 2.22)
+      rubocop-rspec_rails (~> 2.28)
+    rubocop-rspec_rails (2.28.2)
+      rubocop (~> 1.40)
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
     sinatra (4.0.0)
diff --git a/spec/cache_spec.rb b/spec/cache_spec.rb
index 0f7e233..ae48463 100644
--- a/spec/cache_spec.rb
+++ b/spec/cache_spec.rb
@@ -4,7 +4,7 @@
 require_relative "../lib/cache"
 
 describe Cache do
-  let(:redis) { described_class.const_get("REDIS") }
+  let(:redis) { described_class.const_get(:REDIS) }
 
   describe ".get" do
     it "retrieves the cache" do