Merge branch 'hotfix/0.7.0.1'v0.7.0.1

author: Benjamin Neff <benjamin@coding4coffee.ch> 2017-09-19 21:23:31 +0300
committer: Benjamin Neff <benjamin@coding4coffee.ch> 2017-09-19 21:24:37 +0300
commit: 508e44e01b0538afc3162edcc12f99aa88a1681b (patch)
tree: d942f5bc6d55a0299b1c1167f5b5ce87a28d11dd
parent: 7153df5c86a770776894a55c4c41973d043033ad (diff)
parent: 13d6c2371326df8e9302c8f09a853ba25383df24 (diff)
4 files changed, 11 insertions, 7 deletions
diff --git a/Changelog.md b/Changelog.md
index 879ca4e86..c552f0b4f 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,7 @@
+# 0.7.0.1
+
+Update nokogiri to fix [multiple libxml2 vulnerabilities](https://usn.ubuntu.com/usn/usn-3424-1/).
+
 # 0.7.0.0
 
 ## Supported Ruby versions
diff --git a/Gemfile b/Gemfile
index 532d4dd9e..c7cc848d9 100644
--- a/Gemfile
+++ b/Gemfile
@@ -135,7 +135,7 @@ gem "leaflet-rails",       "1.1.0"
 
 # Parsing
 
-gem "nokogiri",          "1.8.0"
+gem "nokogiri",          "1.8.1"
 gem "open_graph_reader", "0.6.2" # also update User-Agent in features/support/webmock.rb
 gem "redcarpet",         "3.4.0"
 gem "ruby-oembed",       "0.12.0"
diff --git a/Gemfile.lock b/Gemfile.lock
index 5bc4f2ec5..b2365e622 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -374,7 +374,7 @@ GEM
     mime-types-data (3.2016.0521)
     mini_magick (4.8.0)
     mini_mime (0.1.4)
-    mini_portile2 (2.2.0)
+    mini_portile2 (2.3.0)
     minitest (5.10.3)
     mobile_fu (1.4.0)
       rack-mobile-detect
@@ -387,8 +387,8 @@ GEM
     naught (1.1.0)
     nenv (0.3.0)
     nio4r (2.1.0)
-    nokogiri (1.8.0)
-      mini_portile2 (~> 2.2.0)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
     notiffany (0.1.1)
       nenv (~> 0.1)
       shellany (~> 0.0)
@@ -820,7 +820,7 @@ DEPENDENCIES
   minitest
   mobile_fu (= 1.4.0)
   mysql2 (= 0.4.9)
-  nokogiri (= 1.8.0)
+  nokogiri (= 1.8.1)
   omniauth (= 1.6.1)
   omniauth-facebook (= 4.0.0)
   omniauth-tumblr (= 1.2)
@@ -904,4 +904,4 @@ DEPENDENCIES
   will_paginate (= 3.1.6)
 
 BUNDLED WITH
-   1.15.3
+   1.15.4
diff --git a/config/defaults.yml b/config/defaults.yml
index 2ffaf3fe0..2871abf7b 100644
--- a/config/defaults.yml
+++ b/config/defaults.yml
@@ -4,7 +4,7 @@
 
 defaults:
   version:
-    number: "0.7.0.0" # Do not touch unless doing a release, do not backport the version number that's in master
+    number: "0.7.0.1" # Do not touch unless doing a release, do not backport the version number that's in master
   heroku: false
   environment:
     url: "http://localhost:3000/"
author	Benjamin Neff <benjamin@coding4coffee.ch>	2017-09-19 21:23:31 +0300
committer	Benjamin Neff <benjamin@coding4coffee.ch>	2017-09-19 21:24:37 +0300
commit	508e44e01b0538afc3162edcc12f99aa88a1681b (patch)
tree	d942f5bc6d55a0299b1c1167f5b5ce87a28d11dd
parent	7153df5c86a770776894a55c4c41973d043033ad (diff)
parent	13d6c2371326df8e9302c8f09a853ba25383df24 (diff)