diff options
| author | Thong Kuah <tkuah@gitlab.com> | 2019-08-12 03:18:06 +0300 |
|---|---|---|
| committer | Thong Kuah <tkuah@gitlab.com> | 2019-08-12 03:25:15 +0300 |
| commit | 2d58eba11134d2f3013d2ab45d93ae0581893be7 (patch) | |
| tree | cd92bab4c0b0eb1d4c9f37226b24920acaa6ef94 /Gemfile.lock | |
| parent | 7daf1f41bee701b17a2f276b41f2f96a364cf03d (diff) | |
Bump nokogiri to 1.10.4
This pulls in fix for CVE-2019-5477, where usage of
Nokogiri::CSS::Tokenizer#load_file leads to potential command injection.
Diffstat (limited to 'Gemfile.lock')
| -rw-r--r-- | Gemfile.lock | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/Gemfile.lock b/Gemfile.lock index a74492dadc1..68c40cd19f7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -541,7 +541,7 @@ GEM net-ssh (5.2.0) netrc (0.11.0) nio4r (2.3.1) - nokogiri (1.10.3) + nokogiri (1.10.4) mini_portile2 (~> 2.4.0) nokogumbo (1.5.0) nokogiri @@ -1148,7 +1148,7 @@ DEPENDENCIES nakayoshi_fork (~> 0.0.4) net-ldap net-ssh (~> 5.2) - nokogiri (~> 1.10.3) + nokogiri (~> 1.10.4) oauth2 (~> 1.4) octokit (~> 4.9) omniauth (~> 1.8) |