aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJon Moss <me@jonathanmoss.me>2015-12-17 17:35:25 -0500
committerJon Moss <me@jonathanmoss.me>2015-12-17 17:35:25 -0500
commit5d8ee1250f028d9e0650fb65681c9c5ae49bece4 (patch)
treeb11c428d68d2ba0418b5fd4e241ba61b5805f53a
parent84eba99cebc0afc1fde725d491170523cc6189ad (diff)
downloadrails-5d8ee1250f028d9e0650fb65681c9c5ae49bece4.tar.gz
rails-5d8ee1250f028d9e0650fb65681c9c5ae49bece4.tar.bz2
rails-5d8ee1250f028d9e0650fb65681c9c5ae49bece4.zip
Require Nokogiri >= 1.6.7.1
Many CVEs released: https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
-rw-r--r--Gemfile2
-rw-r--r--Gemfile.lock2
2 files changed, 2 insertions, 2 deletions
diff --git a/Gemfile b/Gemfile
index ef17ed735c..b6e2760d9e 100644
--- a/Gemfile
+++ b/Gemfile
@@ -85,7 +85,7 @@ group :test do
end
platforms :ruby, :mswin, :mswin64, :mingw, :x64_mingw do
- gem 'nokogiri', '>= 1.6.7'
+ gem 'nokogiri', '>= 1.6.7.1'
# Needed for compiling the ActionDispatch::Journey parser.
gem 'racc', '>=1.4.6', require: false
diff --git a/Gemfile.lock b/Gemfile.lock
index 8cf764797c..1006143f54 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -327,7 +327,7 @@ DEPENDENCIES
mocha (~> 0.14)
mysql (>= 2.9.0)
mysql2 (>= 0.4.0)
- nokogiri (>= 1.6.7)
+ nokogiri (>= 1.6.7.1)
pg (>= 0.18.0)
psych (~> 2.0)
puma