diff --git a/Gemfile b/Gemfile
index 76357d2b674e87a8613833af3e11af59573584be..134646cf8003eb470120430bed411d3abc05a4a9 100644
--- a/Gemfile
+++ b/Gemfile
@@ -6,9 +6,9 @@ gem 'rails-deprecated_sanitizer', '~> 1.0.3'
 # Responders respond_to and respond_with
 gem 'responders', '~> 2.0'
 
-# Specify a sprockets version due to security issue
-# See https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY
-gem 'sprockets', '~> 2.12.3'
+# Specify a sprockets version due to increased performance
+# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069
+gem 'sprockets', '~> 3.3.5'
 
 # Default values for AR models
 gem "default_value_for", "~> 3.0.0"
diff --git a/Gemfile.lock b/Gemfile.lock
index 29563b18db19942e81209914d5bc7d9274c549f3..e048e2f5a56ec7ef3ece0d1cd99cbe78d8d909e2 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -407,7 +407,6 @@ GEM
       railties (>= 4.0.1)
     hashie (3.4.3)
     highline (1.7.8)
-    hike (1.2.3)
     hipchat (1.5.2)
       httparty
       mimemagic
@@ -771,11 +770,8 @@ GEM
       spring (>= 0.9.1)
     spring-commands-teaspoon (0.0.2)
       spring (>= 0.9.1)
-    sprockets (2.12.4)
-      hike (~> 1.2)
-      multi_json (~> 1.0)
-      rack (~> 1.0)
-      tilt (~> 1.1, != 1.3.0)
+    sprockets (3.3.5)
+      rack (> 1, < 3)
     sprockets-rails (2.3.3)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
@@ -807,7 +803,7 @@ GEM
       rack (~> 1.0)
     thor (0.19.1)
     thread_safe (0.3.5)
-    tilt (1.4.1)
+    tilt (2.0.2)
     timfel-krb5-auth (0.8.3)
     tinder (1.10.1)
       eventmachine (~> 1.0)
@@ -1024,7 +1020,7 @@ DEPENDENCIES
   spring-commands-rspec (~> 1.0.4)
   spring-commands-spinach (~> 1.0.0)
   spring-commands-teaspoon (~> 0.0.2)
-  sprockets (~> 2.12.3)
+  sprockets (~> 3.3.5)
   state_machines-activerecord (~> 0.3.0)
   task_list (~> 1.0.2)
   teaspoon (~> 1.0.0)