[ANN] Nokogiri security update v1.13.4

88 views
Skip to first unread message

Mike Dalessio

unread,
Apr 11, 2022, 4:55:04 PMApr 11
to ruby-sec...@googlegroups.com, ruby-talk
Nokogiri v1.13.4 has been released, with multiple security updates for both CRuby and JRuby users.

The changelog entry is reproduced here for your convenience, and interested readers are encouraged to click through to the security advisories for more details.

---

1.13.4 / 2022-04-11

Security

Dependencies

  • [CRuby] Vendored zlib is updated from 1.2.11 to 1.2.12. (See LICENSE-DEPENDENCIES.md for details on which packages redistribute this library.)
  • [JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated from 2.12.0 to 2.12.2.
  • [JRuby] Vendored nekohtml (org.cyberneko.html) is updated from a fork of 1.9.21 to 1.9.22.noko2. This fork is now publicly developed at https://github.com/sparklemotion/nekohtml
Reply all
Reply to author
Forward
0 new messages