Patching for CVE-2019-5477

Name: nokogiri Version: 1.10.3 Advisory: CVE-2019-5477 Criticality: High URL: sparklemotion/nokogiri#1915 Title: Nokogiri Command Injection Vulnerability via Nokogiri::CSS::Tokenizer#load_file Solution: upgrade to >= 1.10.4
YaleSpinup · Oct 2, 2019 · d2195b8 · d2195b8
1 parent 09c07a5
commit d2195b8
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -39,7 +39,7 @@ GEM
     mustermann (1.0.3)
     netaddr (1.5.1)
     nio4r (2.4.0)
-    nokogiri (1.10.3)
+    nokogiri (1.10.4)
       mini_portile2 (~> 2.4.0)
     nori (2.6.0)
     parallel (1.17.0)