Bump nokogiri

Fixes: * CVE-2016-9318 * CVE-2017-16932 * CVE-2017-18258 * CVE-2018-14404 * CVE-2018-14567
2018-10-05 04:25:49 +02:00 · 2018-10-05 04:25:49 +02:00 · 3be814ea0f
commit 3be814ea0f
parent 56bb4be9d3
2 changed files with 3 additions and 3 deletions
--- a/2
+++ b/2
@ -140,7 +140,7 @@ gem "leaflet-rails",       "1.3.1"

 # Parsing

-gem "nokogiri",          "1.8.2"
+gem "nokogiri",          "1.8.5"
 gem "open_graph_reader", "0.6.2" # also update User-Agent in features/support/webmock.rb
 gem "redcarpet",         "3.4.0"
 gem "ruby-oembed",       "0.12.0"
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -391,7 +391,7 @@ GEM
    naught (1.1.0)
    nenv (0.3.0)
    nio4r (2.3.0)
-    nokogiri (1.8.2)
+    nokogiri (1.8.5)
      mini_portile2 (~> 2.3.0)
    notiffany (0.1.1)
      nenv (~> 0.1)
@ -816,7 +816,7 @@ DEPENDENCIES
  minitest
  mobile-fu (= 1.4.0)
  mysql2 (= 0.5.0)
-  nokogiri (= 1.8.2)
+  nokogiri (= 1.8.5)
  omniauth (= 1.8.1)
  omniauth-tumblr (= 1.2)
  omniauth-twitter (= 1.4.0)