From 6b10c7c92b8b400c49dce67610132a484c97dc50 Mon Sep 17 00:00:00 2001
From: Ben Abrams <me@benabrams.it>
Date: Fri, 23 Mar 2018 13:21:07 -0700
Subject: [PATCH] [CVE-2017-17042] update vulnerable `yard` dependency

Signed-off-by: Ben Abrams <me@benabrams.it>
---
 CHANGELOG.md                        | 4 +++-
 sensu-plugins-elasticsearch.gemspec | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 29f61f6..310f09a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,8 +5,10 @@ This CHANGELOG follows the format listed [here](https://github.com/sensu-plugins
 
 ## [Unreleased]
 
-## [2.0.0] - 2018-03-07
+### Security
+- updated yard dependency to `~> 0.9.11` per: https://nvd.nist.gov/vuln/detail/CVE-2017-17042 (@majormoses)
 
+## [2.0.0] - 2018-03-07
 ### Security
 - updated rubocop dependency to `~> 0.51.0` per: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8418. (@majormoses)
 
diff --git a/sensu-plugins-elasticsearch.gemspec b/sensu-plugins-elasticsearch.gemspec
index d6107e0..ce9dc2a 100644
--- a/sensu-plugins-elasticsearch.gemspec
+++ b/sensu-plugins-elasticsearch.gemspec
@@ -51,5 +51,5 @@ Gem::Specification.new do |s| # rubocop:disable Metrics/BlockLength
   s.add_development_dependency 'rubocop',                   '~> 0.51.0'
   # 0.17 requires ruby 2.3+
   s.add_development_dependency 'test-kitchen',              '~> 1.16.0'
-  s.add_development_dependency 'yard',                      '~> 0.8'
+  s.add_development_dependency 'yard',                      '~> 0.9.11'
 end