Merge pull request #296 from cyberark/dependabot/bundler/nokogiri-1.13.9

Bump nokogiri from 1.13.6 to 1.13.9
cyberark · Oct 21, 2022 · 575666f · 575666f
2 parents abf681f + ec0c145
commit 575666f
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [1.2.7] - 2022-10-06
 ### Security
+- Upgrade nokogiri to v1.3.9 to resolve GHSA-2qc6-mcvw-92cw
+  [cyberark/conjur-service-broker#296](https://github.com/cyberark/conjur-service-broker/pull/296)
 - Upgrade cucumber (2.99.0 -> 7.1.0) and aruba (1.1.2 -> 2.0.0)
   to resolve medium severity security issue on Snyk
   [cyberark/conjur-service-broker#294](https://github.com/cyberark/conjur-service-broker/pull/294)

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -117,7 +117,7 @@ GEM
     multi_test (0.1.2)
     netrc (0.11.0)
     nio4r (2.5.8)
-    nokogiri (1.13.6)
+    nokogiri (1.13.9)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     pry (0.13.1)