Bump nokogiri to 1.10.4bump-nokogiri-1.10.4

This pulls in fix for CVE-2019-5477, where usage of Nokogiri::CSS::Tokenizer#load_file leads to potential command injection.
author: Thong Kuah <tkuah@gitlab.com> 2019-08-12 12:18:06 +1200
committer: Thong Kuah <tkuah@gitlab.com> 2019-08-12 12:25:15 +1200
commit: 2d58eba11134d2f3013d2ab45d93ae0581893be7 (patch)
tree: cd92bab4c0b0eb1d4c9f37226b24920acaa6ef94 /Gemfile.lock
parent: 7daf1f41bee701b17a2f276b41f2f96a364cf03d (diff)
download: gitlab-ce-2d58eba11134d2f3013d2ab45d93ae0581893be7.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/Gemfile.lock b/Gemfile.lock
index a74492dadc1..68c40cd19f7 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -541,7 +541,7 @@ GEM
     net-ssh (5.2.0)
     netrc (0.11.0)
     nio4r (2.3.1)
-    nokogiri (1.10.3)
+    nokogiri (1.10.4)
       mini_portile2 (~> 2.4.0)
     nokogumbo (1.5.0)
       nokogiri
@@ -1148,7 +1148,7 @@ DEPENDENCIES
   nakayoshi_fork (~> 0.0.4)
   net-ldap
   net-ssh (~> 5.2)
-  nokogiri (~> 1.10.3)
+  nokogiri (~> 1.10.4)
   oauth2 (~> 1.4)
   octokit (~> 4.9)
   omniauth (~> 1.8)
author	Thong Kuah <tkuah@gitlab.com>	2019-08-12 12:18:06 +1200
committer	Thong Kuah <tkuah@gitlab.com>	2019-08-12 12:25:15 +1200
commit	2d58eba11134d2f3013d2ab45d93ae0581893be7 (patch)
tree	cd92bab4c0b0eb1d4c9f37226b24920acaa6ef94 /Gemfile.lock
parent	7daf1f41bee701b17a2f276b41f2f96a364cf03d (diff)
download	gitlab-ce-2d58eba11134d2f3013d2ab45d93ae0581893be7.tar.gz