From e5e4405747ec4025d8eefb5652bda2a83c283a13 Mon Sep 17 00:00:00 2001
From: Robert Speicher
Date: Fri, 18 Dec 2015 13:19:33 -0500
Subject: Explicitly require Nokogiri 1.6.7.1 due to security issue

Name: nokogiri
Version: 1.6.7
Advisory: CVE-2015-5312
Criticality: High
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
Title: Nokogiri gem contains several vulnerabilities in libxml2
Solution: upgrade to >= 1.6.7.1
---
 Gemfile.lock | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'Gemfile.lock')

diff --git a/Gemfile.lock b/Gemfile.lock
index 88c7a6e3424..c1c01835e4b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -420,7 +420,7 @@ GEM
 grape
 newrelic_rpm
 newrelic_rpm (3.9.4.245)
- nokogiri (1.6.7)
+ nokogiri (1.6.7.1)
 mini_portile2 (~> 2.0.0.rc2)
 nprogress-rails (0.1.6.7)
 oauth (0.4.7)
@@ -888,6 +888,7 @@ DEPENDENCIES
 net-ssh (~> 3.0.1)
 newrelic-grape
 newrelic_rpm (~> 3.9.4.245)
+ nokogiri (= 1.6.7.1)
 nprogress-rails (~> 0.1.6.7)
 oauth2 (~> 1.0.0)
 octokit (~> 3.7.0)
--
cgit v1.2.1