Explicitly require Nokogiri 1.6.7.1 due to security issue
Name: nokogiri
Version: 1.6.7
Advisory: CVE-2015-5312
Criticality: High
URL:
https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
Title: Nokogiri gem contains several vulnerabilities in libxml2
Solution: upgrade to >= 1.6.7.1
Showing
... | ... | @@ -101,6 +101,9 @@ gem 'wikicloth', '0.8.1' |
gem 'asciidoctor', '~> 1.5.2' | ||
gem 'rouge', '~> 1.10.1' | ||
# See https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s | ||
gem 'nokogiri', '1.6.7.1' | ||
# Diffs | ||
gem 'diffy', '~> 3.0.3' | ||
... | ... |
Please
register
or
sign in
to comment