diff options
author | Jonne Haß <me@jhass.eu> | 2016-06-07 14:49:32 +0300 |
---|---|---|
committer | Jonne Haß <me@jhass.eu> | 2016-06-07 14:51:33 +0300 |
commit | 0bc8e54afd27d6c754341076bac358cdc4c7df94 (patch) | |
tree | a35460d67b81aeb74ce0b79bf71c30fb4845f0c9 | |
parent | a2864b9f40bc9e2aac8d6cc2250a39424e757a5e (diff) |
Update Nokogiri to 1.6.8v0.5.9.1
Which in turn updates libxml2 to 2.9.4 and libxslt to 1.1.29, addressing
a range of security issues.
See https://groups.google.com/forum/#!topic/ruby-security-ann/RCHyF5K9Lbc
for more details.
-rw-r--r-- | Changelog.md | 6 | ||||
-rw-r--r-- | Gemfile | 2 | ||||
-rw-r--r-- | Gemfile.lock | 12 | ||||
-rw-r--r-- | config/defaults.yml | 2 |
4 files changed, 15 insertions, 7 deletions
diff --git a/Changelog.md b/Changelog.md index fda559717..689fd138c 100644 --- a/Changelog.md +++ b/Changelog.md @@ -1,3 +1,9 @@ +# 0.5.9.1 + +Update Nokogiri to 1.6.8, which in turn updates libxml2 to 2.9.4 and libxslt to 1.1.29, +addressing a range of security issues. See https://groups.google.com/forum/#!topic/ruby-security-ann/RCHyF5K9Lbc +for more details. + # 0.5.9.0 ## Refactor @@ -126,7 +126,7 @@ gem "messagebus_ruby_api", "1.0.3" # Parsing -gem "nokogiri", "1.6.7.2" +gem "nokogiri", "1.6.8" gem "redcarpet", "3.3.4" gem "twitter-text", "1.13.3" gem "roxml", "3.1.6" diff --git a/Gemfile.lock b/Gemfile.lock index b1f8b8311..ec1983011 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -448,7 +448,7 @@ GEM method_source (0.8.2) mime-types (2.99.1) mini_magick (4.4.0) - mini_portile2 (2.0.0) + mini_portile2 (2.1.0) minitest (5.8.4) mobile-fu (1.3.1) rack-mobile-detect @@ -462,8 +462,9 @@ GEM nenv (0.3.0) nested_form (0.3.2) nio4r (1.2.0) - nokogiri (1.6.7.2) - mini_portile2 (~> 2.0.0.rc2) + nokogiri (1.6.8) + mini_portile2 (~> 2.1.0) + pkg-config (~> 1.1.7) notiffany (0.0.8) nenv (~> 0.1) shellany (~> 0.0) @@ -500,6 +501,7 @@ GEM parser (2.3.0.4) ast (~> 2.2) phantomjs (2.1.1.0) + pkg-config (1.1.7) powerpack (0.1.1) pry (0.10.3) coderay (~> 1.1.0) @@ -835,7 +837,7 @@ DEPENDENCIES minitest mobile-fu (= 1.3.1) mysql2 (= 0.4.3) - nokogiri (= 1.6.7.2) + nokogiri (= 1.6.8) omniauth (= 1.3.1) omniauth-facebook (= 3.0.0) omniauth-tumblr (= 1.2) @@ -908,4 +910,4 @@ DEPENDENCIES will_paginate (= 3.1.0) BUNDLED WITH - 1.11.2 + 1.12.5 diff --git a/config/defaults.yml b/config/defaults.yml index d32ed1c3e..0f7501357 100644 --- a/config/defaults.yml +++ b/config/defaults.yml @@ -4,7 +4,7 @@ defaults: version: - number: "0.5.9.0" # Do not touch unless doing a release, do not backport the version number that's in master + number: "0.5.9.1" # Do not touch unless doing a release, do not backport the version number that's in master heroku: false environment: url: "http://localhost:3000/" |