Explicitly require Nokogiri 1.6.7.1 due to security issue (!2154) · Merge requests · GitLab.org / GitLab FOSS · GitLab

Do not update/delete: Banner broadcast message test data

Do not update/delete: Notification broadcast message test data

Robert Speicher requested to merge rs-bump-nokogiri into master Dec 18, 2015

Name: nokogiri
Version: 1.6.7
Advisory: CVE-2015-5312
Criticality: High
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
Title: Nokogiri gem contains several vulnerabilities in libxml2
Solution: upgrade to >= 1.6.7.1