diff options
| author | Thong Kuah <tkuah@gitlab.com> | 2019-08-12 03:18:06 +0300 |
|---|---|---|
| committer | Thong Kuah <tkuah@gitlab.com> | 2019-08-12 03:25:15 +0300 |
| commit | 2d58eba11134d2f3013d2ab45d93ae0581893be7 (patch) | |
| tree | cd92bab4c0b0eb1d4c9f37226b24920acaa6ef94 /qa/Gemfile.lock | |
| parent | 7daf1f41bee701b17a2f276b41f2f96a364cf03d (diff) | |
Bump nokogiri to 1.10.4
This pulls in fix for CVE-2019-5477, where usage of
Nokogiri::CSS::Tokenizer#load_file leads to potential command injection.
Diffstat (limited to 'qa/Gemfile.lock')
| -rw-r--r-- | qa/Gemfile.lock | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/qa/Gemfile.lock b/qa/Gemfile.lock index 7d19366f83b..bf051a115b5 100644 --- a/qa/Gemfile.lock +++ b/qa/Gemfile.lock @@ -52,7 +52,7 @@ GEM mini_portile2 (2.4.0) minitest (5.11.1) netrc (0.11.0) - nokogiri (1.10.3) + nokogiri (1.10.4) mini_portile2 (~> 2.4.0) parallel (1.17.0) parallel_tests (2.29.0) @@ -112,13 +112,13 @@ DEPENDENCIES faker (~> 1.6, >= 1.6.6) gitlab-qa knapsack (~> 1.17) - nokogiri (~> 1.10.3) + nokogiri (~> 1.10.4) parallel_tests (~> 2.29) pry-byebug (~> 3.5.1) rake (~> 12.3.0) rspec (~> 3.7) rspec-retry (~> 0.6.1) - rspec_junit_formatter (~> 0.4.1) + rspec_junit_formatter (~> 0.4.1) selenium-webdriver (~> 3.12) BUNDLED WITH |