Bump nokogiri for CVE-2016-4658

https://github.com/sparklemotion/nokogiri/issues/1615 This is required to pass the bundle-audit check in Travis CI Change-Id: Ia34db5b0595b88560fdff36a451df7567907e727 Signed-off-by: Maxime Brugidou <m.brugidou@criteo.com>
author: Maxime Brugidou <m.brugidou@criteo.com> 2017-03-24 10:51:44 +0100
committer: Maxime Brugidou <m.brugidou@criteo.com> 2017-03-24 11:08:07 +0100
commit: 3644e76caf51cd4c57485b0498745c9f87cb6b1a (patch)
tree: 067d397aacc49ce5110c16c8b49cdcb83ea9b986 /Gemfile
parent: accb4846106ca4601104a445da0d3544d4c1bf55 (diff)
download: chef-3644e76caf51cd4c57485b0498745c9f87cb6b1a.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/Gemfile b/Gemfile
index 5858df4bb5..416927bf3a 100644
--- a/Gemfile
+++ b/Gemfile
@@ -22,7 +22,8 @@ gem "cheffish" # required for rspec tests
 group(:omnibus_package) do
   gem "appbundler"
   gem "rb-readline"
-  gem "nokogiri"
+  # CVE-2016-4658 https://github.com/sparklemotion/nokogiri/issues/1615
+  gem "nokogiri", ">= 1.7.1"
 end
 
 group(:omnibus_package, :pry) do
author	Maxime Brugidou <m.brugidou@criteo.com>	2017-03-24 10:51:44 +0100
committer	Maxime Brugidou <m.brugidou@criteo.com>	2017-03-24 11:08:07 +0100
commit	3644e76caf51cd4c57485b0498745c9f87cb6b1a (patch)
tree	067d397aacc49ce5110c16c8b49cdcb83ea9b986 /Gemfile
parent	accb4846106ca4601104a445da0d3544d4c1bf55 (diff)
download	chef-3644e76caf51cd4c57485b0498745c9f87cb6b1a.tar.gz