Update gems for CVE-2017-9050 (#977)
Name: nokogiri
Version: 1.7.2
Advisory: CVE-2017-9050
Criticality: Unknown
URL: sparklemotion/nokogiri#1673
Title: Nokogiri gem, via libxml, is affected by DoS and RCE vulnerabilities
Solution: upgrade to >= 1.8.1
svqualitydev committed Sep 25, 2017
1 parent 40d3d4b commit c617d69
Showing 1 changed file with 62 additions and 59 deletions.
121 changes: 62 additions & 59 deletions Gemfile.lock
Expand Up @@ -16,32 +16,32 @@ PATH
GEM
remote: https://rubygems.org/
specs:
actionpack (5.1.1)
actionview (= 5.1.1)
activesupport (= 5.1.1)
actionpack (5.1.4)
actionview (= 5.1.4)
activesupport (= 5.1.4)
rack (~> 2.0)
rack-test (~> 0.6.3)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.1.1)
activesupport (= 5.1.1)
actionview (5.1.4)
activesupport (= 5.1.4)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activemodel (5.1.1)
activesupport (= 5.1.1)
activerecord (5.1.1)
activemodel (= 5.1.1)
activesupport (= 5.1.1)
activemodel (5.1.4)
activesupport (= 5.1.4)
activerecord (5.1.4)
activemodel (= 5.1.4)
activesupport (= 5.1.4)
arel (~> 8.0)
activesupport (5.1.1)
activesupport (5.1.4)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (~> 0.7)
minitest (~> 5.1)
tzinfo (~> 1.1)
addressable (2.5.1)
public_suffix (~> 2.0, >= 2.0.2)
addressable (2.5.2)
public_suffix (>= 2.0.2, < 4.0)
administrate-field-image (1.1.0)
administrate (>= 0.2.0.rc1)
ammeter (1.1.4)
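Review bot: The Rails framework gems in this hunk (actionpack, actionview, activemodel, activerecord, activesupport) move from 5.1.1 to 5.1.4, and addressable moves to 2.5.2, none of which the CVE-2017-9050 advisory in the commit message calls for. Consider regenerating the lockfile with `bundle update --conservative nokogiri` so the security fix ships alone, and putting the Rails patch bump in its own commit where it can be tested and reverted independently. Also note that actionpack's rack-test constraint loosens from `~> 0.6.3` to `>= 0.6.3`, which is what allows rack-test to resolve to 0.7.0 further down.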
Expand All @@ -54,23 +54,23 @@ GEM
thor (>= 0.14.0)
arel (8.0.0)
ast (2.3.0)
autoprefixer-rails (7.1.1)
autoprefixer-rails (7.1.4)
execjs
awesome_print (1.7.0)
awesome_print (1.8.0)
builder (3.2.3)
bundler-audit (0.5.0)
bundler-audit (0.6.0)
bundler (~> 1.2)
thor (~> 0.18)
byebug (9.0.6)
capybara (2.14.0)
byebug (9.1.0)
capybara (2.15.1)
addressable
mime-types (>= 1.16)
mini_mime (>= 0.1.3)
nokogiri (>= 1.3.3)
rack (>= 1.0.0)
rack-test (>= 0.5.4)
xpath (~> 2.0)
cliver (0.3.2)
coderay (1.1.1)
coderay (1.1.2)
concurrent-ruby (1.0.5)
crack (0.4.3)
safe_yaml (~> 1.0.0)
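Review bot: In the capybara entry, the mime-types dependency is replaced by mini_mime as part of the 2.14.0 to 2.15.1 bump, and mime-types is dropped from the lockfile in a later hunk. If application or spec code references `MIME::Types` without the gem being declared in the Gemfile, it will stop loading after this change, so check for direct uses before merging. The byebug, coderay, awesome_print and autoprefixer-rails bumps are unrelated to the advisory and would be easier to review separately.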
Expand All @@ -86,30 +86,30 @@ GEM
json
thread
thread_safe
erubi (1.6.0)
erubis (2.7.0)
erubi (1.6.1)
execjs (2.7.0)
factory_girl (4.8.0)
activesupport (>= 3.0.0)
factory_girl_rails (4.8.0)
factory_girl (~> 4.8.0)
railties (>= 3.0.0)
faker (1.7.3)
faker (1.8.4)
i18n (~> 0.5)
faraday (0.12.1)
faraday (0.13.1)
multipart-post (>= 1.2, < 3)
ffi (1.9.18)
formulaic (0.4.0)
activesupport
capybara
i18n
hashdiff (0.3.4)
hashdiff (0.3.6)
highline (1.7.8)
i18n (0.8.1)
i18n-tasks (0.9.15)
i18n (0.8.6)
i18n-tasks (0.9.18)
activesupport (>= 4.0.2)
ast (>= 2.1.0)
easy_translate (>= 0.5.0)
erubis
erubi
highline (>= 1.7.3)
i18n
parser (>= 2.2.3.0)
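Review bot: erubis (2.7.0) is removed from the lockfile in this hunk because i18n-tasks 0.9.18 lists erubi in its place. Any code that still does `require "erubis"` was relying on a transitive dependency and will now fail at load time; search for direct uses, and declare erubis explicitly in the Gemfile if one exists. The faker, faraday, hashdiff and i18n bumps here are outside the scope stated in the commit message.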
Expand Down Expand Up @@ -138,50 +138,50 @@ GEM
loofah (2.0.3)
nokogiri (>= 1.5.9)
method_source (0.8.2)
mime-types (3.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2016.0521)
mini_portile2 (2.1.0)
minitest (5.10.2)
mini_mime (0.1.4)
mini_portile2 (2.3.0)
minitest (5.10.3)
momentjs-rails (2.17.1)
railties (>= 3.1)
multipart-post (2.0.0)
nokogiri (1.7.2)
mini_portile2 (~> 2.1.0)
nokogiri (1.8.1)
mini_portile2 (~> 2.3.0)
parser (2.4.0.0)
ast (~> 2.2)
pg (0.20.0)
poltergeist (1.15.0)
pg (0.21.0)
poltergeist (1.16.0)
capybara (~> 2.1)
cliver (~> 0.3.1)
websocket-driver (>= 0.2.0)
pry (0.10.4)
pry (0.11.0)
coderay (~> 1.1.0)
method_source (~> 0.8.1)
slop (~> 3.4)
pry-rails (0.3.6)
pry (>= 0.10.4)
public_suffix (2.0.5)
public_suffix (3.0.0)
rack (2.0.3)
rack-test (0.6.3)
rack (>= 1.0)
rack-test (0.7.0)
rack (>= 1.0, < 3)
rack-timeout (0.4.2)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.0.3)
loofah (~> 2.0)
rails_stdout_logging (0.0.5)
railties (5.1.1)
actionpack (= 5.1.1)
activesupport (= 5.1.1)
railties (5.1.4)
actionpack (= 5.1.4)
activesupport (= 5.1.4)
method_source
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rainbow (2.2.2)
rake
raindrops (0.18.0)
rake (12.0.0)
raindrops (0.19.0)
rake (12.1.0)
rb-fsevent (0.10.2)
rb-inotify (0.9.10)
ffi (>= 0.5.0, < 2)
redcarpet (3.4.0)
rspec-core (3.5.4)
rspec-support (~> 3.5.0)
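Review bot: The nokogiri entry (1.8.1, with mini_portile2 2.3.0) matches the advisory's "upgrade to >= 1.8.1", but the fix is pinned only by the lockfile: the dependents visible in this hunk still accept older releases (loofah `>= 1.5.9`, rails-dom-testing `>= 1.6`), so a future re-resolve is not constrained to a patched version. Since Gemfile.lock is the only changed file, consider adding an explicit floor such as `gem "nokogiri", ">= 1.8.1"` to the Gemfile and running `bundle audit check --update` in CI (bundler-audit is already in this bundle) so a regression is caught. The pg, pry, rack-test, railties, rake and raindrops bumps in the same hunk are not required by the advisory.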
Expand All @@ -201,49 +201,52 @@ GEM
rspec-support (~> 3.5.0)
rspec-support (3.5.0)
safe_yaml (1.0.4)
sass (3.4.24)
sass (3.5.1)
sass-listen (~> 4.0.0)
sass-listen (4.0.0)
rb-fsevent (~> 0.9, >= 0.9.4)
rb-inotify (~> 0.9, >= 0.9.7)
sass-rails (5.0.6)
railties (>= 4.0.0, < 6)
sass (~> 3.1)
sprockets (>= 2.8, < 4.0)
sprockets-rails (>= 2.0, < 4.0)
tilt (>= 1.1, < 3)
selectize-rails (0.12.4)
sentry-raven (2.4.0)
sentry-raven (2.6.3)
faraday (>= 0.7.6, < 1.0)
shoulda-matchers (2.8.0)
activesupport (>= 3.0.0)
slop (3.6.0)
sprockets (3.7.1)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.0)
sprockets-rails (3.2.1)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
terminal-table (1.8.0)
unicode-display_width (~> 1.1, >= 1.1.1)
thor (0.19.4)
thor (0.20.0)
thread (0.2.2)
thread_safe (0.3.6)
tilt (2.0.7)
timecop (0.8.1)
tilt (2.0.8)
timecop (0.9.1)
tzinfo (1.2.3)
thread_safe (~> 0.1)
uglifier (3.2.0)
execjs (>= 0.3.0, < 3)
unicode-display_width (1.2.1)
unicode-display_width (1.3.0)
unicorn (5.3.0)
kgio (~> 2.6)
raindrops (~> 0.7)
webmock (3.0.1)
addressable (>= 2.3.6)
crack (>= 0.3.2)
hashdiff
websocket-driver (0.6.5)
websocket-driver (0.7.0)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.2)
xpath (2.0.0)
xpath (2.1.0)
nokogiri (~> 1.3)

PLATFORMS
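Review bot: The sass bump from 3.4.24 to 3.5.1 adds sass-listen as a new dependency, which brings rb-fsevent and rb-inotify into the bundle, and rb-inotify in turn requires ffi, a native extension. New transitive gems widen what has to be vetted in a commit described as a CVE fix; confirm they are wanted, or hold sass at its current version and take the upgrade separately. sentry-raven (2.4.0 to 2.6.3) and thor (0.19.4 to 0.20.0) also change here and deserve their own changelog check.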
Expand Down Expand Up @@ -280,4 +283,4 @@ DEPENDENCIES
webmock

BUNDLED WITH
1.15.1
1.15.4
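Review bot: BUNDLED WITH changes from 1.15.1 to 1.15.4, so this lockfile was regenerated with a newer Bundler than the one previously recorded. Make sure CI and deploy environments run the same Bundler version, otherwise the lockfile tends to get rewritten back and forth between contributors.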
