Fix: security update for nokogiri

Advisory: CVE-2019-11068 Criticality: Unknown URL: sparklemotion/nokogiri#1892
riseuplabs · Aug 23, 2019 · 4d4b4fe · 4d4b4fe
1 parent 090fc95
commit 4d4b4fe
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/Gemfile b/Gemfile
@@ -14,8 +14,8 @@ end
 gem 'rails', '~> 5.1.6'
 
 # Security updates
-# https://github.com/sparklemotion/nokogiri/issues/1785
-gem 'nokogiri', '~> 1.8.5'
+#https://github.com/sparklemotion/nokogiri/issues/1892
+gem 'nokogiri', '~> 1.10.3'
 
 # Rake is rubys make... performing tasks
 # locking in to latest major to fix API

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -142,12 +142,12 @@ GEM
       mime-types-data (~> 3.2015)
     mime-types-data (3.2019.0331)
     mini_mime (1.0.1)
-    mini_portile2 (2.3.0)
+    mini_portile2 (2.4.0)
     minitest (5.10.3)
     mysql2 (0.5.2)
     nio4r (2.3.1)
-    nokogiri (1.8.5)
-      mini_portile2 (~> 2.3.0)
+    nokogiri (1.10.3)
+      mini_portile2 (~> 2.4.0)
     phantomjs-binaries (2.1.1.1)
       sys-uname (= 0.9.0)
     poltergeist (1.18.1)
@@ -293,7 +293,7 @@ DEPENDENCIES
   mime-types
   minitest (~> 5.10.3)
   mysql2 (~> 0.5.2)
-  nokogiri (~> 1.8.5)
+  nokogiri (~> 1.10.3)
   phantomjs-binaries (~> 2.1.1)
   poltergeist (~> 1.5)
   prototype-rails!