Update nokogiri based on ruby advisory #57

AdrianCann · 2017-10-01T21:06:17Z

Maybe I should write a script to automatically update nokogiri :)

ruby-advisory-db: 288 advisories
Name: nokogiri
Version: 1.7.0.1
Advisory: CVE-2016-4658
Criticality: Unknown
URL: sparklemotion/nokogiri#1615
Title: Nokogiri gem contains several vulnerabilities in libxml2 and
libxslt
Solution: upgrade to >= 1.7.1

Name: nokogiri
Version: 1.7.0.1
Advisory: CVE-2017-5029
Criticality: Unknown
URL: sparklemotion/nokogiri#1634
Title: Nokogiri gem contains two upstream vulnerabilities in libxslt
1.1.29
Solution: upgrade to >= 1.7.2

Name: nokogiri
Version: 1.7.0.1
Advisory: CVE-2017-9050
Criticality: Unknown
URL: sparklemotion/nokogiri#1673
Title: Nokogiri gem, via libxml, is affected by DoS and RCE
vulnerabilities
Solution: upgrade to >= 1.8.1

* Maybe I should write a script to automatically update nokogiri :) ruby-advisory-db: 288 advisories Name: nokogiri Version: 1.7.0.1 Advisory: CVE-2016-4658 Criticality: Unknown URL: sparklemotion/nokogiri#1615 Title: Nokogiri gem contains several vulnerabilities in libxml2 and libxslt Solution: upgrade to >= 1.7.1 Name: nokogiri Version: 1.7.0.1 Advisory: CVE-2017-5029 Criticality: Unknown URL: sparklemotion/nokogiri#1634 Title: Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29 Solution: upgrade to >= 1.7.2 Name: nokogiri Version: 1.7.0.1 Advisory: CVE-2017-9050 Criticality: Unknown URL: sparklemotion/nokogiri#1673 Title: Nokogiri gem, via libxml, is affected by DoS and RCE vulnerabilities Solution: upgrade to >= 1.8.1

AdrianCann merged commit bc52d05 into master Oct 1, 2017

sophomoric temporarily deployed to madelinecann June 20, 2022 18:59 Inactive

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update nokogiri based on ruby advisory #57

Update nokogiri based on ruby advisory #57

AdrianCann commented Oct 1, 2017

Update nokogiri based on ruby advisory #57

Update nokogiri based on ruby advisory #57

Conversation

AdrianCann commented Oct 1, 2017