Skip to content

Commit

Permalink
security fix: update nokogiri to 1.8.3
Browse files Browse the repository at this point in the history 
1.8.2 has an XSS vuln, see:

  sparklemotion/nokogiri#1746
  • Loading branch information
@george-carlin
george-carlin committed Jul 6, 2018
1 parent 2b9f700 commit fe9ec07
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion Gemfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ gem 'json', '1.8.6'
# TODO: Traveling Ruby - DANGER, DANGER: this version has an issue, but it's
# the last one supported by Traveling Ruby
# gem 'nokogiri', '1.6.6.2'
gem 'nokogiri', '1.8.2'
gem 'nokogiri', '1.8.3'

# MySQL backend
gem 'mysql2', '~> 0.5.1'
Expand Down
4 changes: 2 additions & 2 deletions Gemfile.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -191,7 +191,7 @@ GEM
mysql2 (0.5.1)
nenv (0.3.0)
nio4r (2.3.1)
nokogiri (1.8.2)
nokogiri (1.8.3)
mini_portile2 (~> 2.3.0)
notiffany (0.1.1)
nenv (~> 0.1)
Expand Down Expand Up @@ -409,7 +409,7 @@ DEPENDENCIES
listen (>= 3.0.5, < 3.2)
local_time (>= 2.0.0)
mysql2 (~> 0.5.1)
nokogiri (= 1.8.2)
nokogiri (= 1.8.3)
paper_trail (~> 6.0)
parslet (~> 1.6.0)
poltergeist
Expand Down

0 comments on commit fe9ec07

Please sign in to comment.