From f470c2aa5c3db3316af69d831df410d23b6fe623 Mon Sep 17 00:00:00 2001
From: Neil Bartley
Date: Tue, 25 Apr 2017 20:54:48 +0100
Subject: [PATCH 1/2] Bump versions of nokogiri and rubyzip (CVE-2016-4658 and CVE-2017-5946)
---
 docx.gemspec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docx.gemspec b/docx.gemspec
index edea155..722fe1a 100644
--- a/docx.gemspec
+++ b/docx.gemspec
@@ -11,8 +11,8 @@ Gem::Specification.new do |s|
 s.homepage = 'https://github.com/chrahunt/docx'
 s.files = Dir["README.md", "LICENSE.md", "lib/**/*.rb"]
- s.add_dependency 'nokogiri', '~> 1.5'
- s.add_dependency 'rubyzip', '~> 1.1.6'
+ s.add_dependency 'nokogiri', '~> 1.7.1'
+ s.add_dependency 'rubyzip', '~> 1.2.1'
 s.add_development_dependency 'rspec'
 end
From d9f21215a280672d1f3ba92492c41ef1e3420da9 Mon Sep 17 00:00:00 2001
From: Neil Bartley
Date: Tue, 26 Sep 2017 16:50:44 +0100
Subject: [PATCH 2/2] Update to defend against CVE-2017-9050
---
 docx.gemspec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docx.gemspec b/docx.gemspec
index 722fe1a..32e58ab 100644
--- a/docx.gemspec
+++ b/docx.gemspec
@@ -11,7 +11,7 @@ Gem::Specification.new do |s|
 s.homepage = 'https://github.com/chrahunt/docx'
 s.files = Dir["README.md", "LICENSE.md", "lib/**/*.rb"]
- s.add_dependency 'nokogiri', '~> 1.7.1'
+ s.add_dependency 'nokogiri', '~> 1.8.1'
 s.add_dependency 'rubyzip', '~> 1.2.1'
 s.add_development_dependency 'rspec'