Skip to content

Commit

Permalink
Updated of nokogiri to mitigate vulnerabilities [USN-3424-1](sparklem…
Browse files Browse the repository at this point in the history 
…otion/nokogiri#1673) and [CVE-2017-5029](sparklemotion/nokogiri#1634)

Added branch on my fork of savon until PR savonrb/savon#848 has been merged
  • Loading branch information
Michael Harrison committed Dec 6, 2017
1 parent 156c2da commit a7242a8
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
3 changes: 3 additions & 0 deletions Gemfile
View file
Expand Up @@ -7,6 +7,9 @@ gemspec

gem 'jruby-openssl', "~> 0.9.0", platform: :jruby

# TODO: Remove once PR: https://github.com/savonrb/savon/pull/848 has been merged
gem 'savon', git: 'https://github.com/michael-harrison/savon.git', branch: 'hotfix/nokogiri_vulnerbility_USN-3424-1'

group :test do
gem "coveralls", "~> 0.7.0", :require => false
end
Expand Down
4 changes: 2 additions & 2 deletions exlibris-primo.gemspec
View file
Expand Up @@ -20,9 +20,9 @@ Gem::Specification.new do |s|
s.add_dependency "require_all", "~> 1.3.1"
# Leverage ActiveSupport core extensions.
s.add_dependency "activesupport", ">= 3.2.14"
s.add_dependency "nokogiri", "~> 1.6.8"
s.add_dependency "nokogiri", "~> 1.8.1"
s.add_dependency "json", "~> 1.8.0"
s.add_dependency "savon", "~> 2.11.1"
s.add_dependency "savon", "~> 2.12.0"
s.add_dependency "iso-639", "~> 0.2.0"
s.add_development_dependency "rake", "~> 10.1"
s.add_development_dependency "vcr", "~> 2.9.0"
Expand Down

0 comments on commit a7242a8

Please sign in to comment.