Skip to content
This repository has been archived by the owner on Jul 21, 2020. It is now read-only.

Commit

Permalink
Security update for compromised gems.
Browse files Browse the repository at this point in the history 
Name: nokogiri
Version: 1.8.2
Advisory: CVE-2018-14404
Criticality: Unknown
URL: sparklemotion/nokogiri#1785
Title: Nokogiri gem, via libxml2, is affected by multiple vulnerabilities

Name: nokogiri
Version: 1.8.2
Advisory: CVE-2018-8048
Criticality: Unknown
URL: sparklemotion/nokogiri#1746
Title: Revert libxml2 behavior in Nokogiri gem that could cause XSS

Name: sprockets
Version: 2.12.4
Advisory: CVE-2018-3760
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/2S9Pwz2i16k
Title: Path Traversal in Sprockets
  • Loading branch information
@rimenes @hugopl
rimenes authored and hugopl committed Oct 22, 2018
1 parent 01cb200 commit 4c65512
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions Gemfile.lock
View file
Expand Up @@ -155,7 +155,7 @@ GEM
multi_xml (0.5.5)
mustermann19 (0.4.3)
enumerable-lazy
nokogiri (1.8.2)
nokogiri (1.8.5)
mini_portile2 (~> 2.3.0)
open4 (1.3.4)
orm_adapter (0.5.0)
Expand Down Expand Up @@ -231,7 +231,7 @@ GEM
json (~> 1.8)
simplecov-html (~> 0.10.0)
simplecov-html (0.10.0)
sprockets (2.12.4)
sprockets (2.12.5)
hike (~> 1.2)
multi_json (~> 1.0)
rack (~> 1.0)
Expand Down

0 comments on commit 4c65512

Please sign in to comment.