From 33dd059fd6547c8c34ff71dbf3dcbe95a11d548e Mon Sep 17 00:00:00 2001
From: Tim Smith
Date: Wed, 28 Aug 2019 15:16:50 -0700
Subject: Update Ruby to 2.6.4 and nokogori to 10.10.4 to resolve CVEs

https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md#1104--2019-08-11
https://www.ruby-lang.org/en/news/2019/08/28/multiple-jquery-vulnerabilities-in-rdoc/
Signed-off-by: Tim Smith
---
 omnibus_overrides.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/omnibus_overrides.rb b/omnibus_overrides.rb
index 96342de8db..5907f24e95 100644
--- a/omnibus_overrides.rb
+++ b/omnibus_overrides.rb
@@ -6,7 +6,7 @@
 # software here: bundle exec rake dependencies:update_omnibus_gemfile_lock
 override :rubygems, version: "3.0.3" # rubygems ships its own bundler which may differ from bundler defined below and then we get double bundler which results in performance issues / CLI warnings. Make sure these versions match before bumping either.
 override :bundler, version: "1.17.2" # currently pinned to what ships in Ruby to prevent double bundler
-override "nokogiri", version: "1.10.2"
+override "nokogiri", version: "1.10.4"
 override "libffi", version: "3.2.1"
 override "libiconv", version: "1.15"
 override "liblzma", version: "5.2.4"
@@ -17,7 +17,7 @@ override "libyaml", version: "0.1.7"
 override "makedepend", version: "1.0.5"
 override "ncurses", version: "5.9"
 override "pkg-config-lite", version: "0.28-1"
-override "ruby", version: "2.6.3"
+override "ruby", version: "2.6.4"
 override "ruby-windows-devkit-bash", version: "3.1.23-4-msys-1.0.18"
 override "util-macros", version: "1.19.0"
 override "xproto", version: "7.0.28"
--
cgit v1.2.1