(security) CVE-2022-23476

Bump nokogiri from 1.13.9 to 1.13.10
2025-02-20 14:54:15 +01:00 · 2022-12-08 09:31:44 +01:00 · 2022-12-08 09:31:44 +01:00 · 1db7dfc723
commit 1db7dfc723
parent 129e2cdef0 9ee3c733e0
2 changed files with 4 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,7 @@
 # Changelog Fab-manager

+- Fix a security issue: updated nokogiri to 1.13.10 to fix [CVE-2022-23476](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23476)
+
 ## v5.5.6 2022 December 05

 - Updated FabAnalytics reports to include new features
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -236,7 +236,7 @@ GEM
    multi_xml (0.6.0)
    multipart-post (2.1.1)
    nio4r (2.5.8)
-    nokogiri (1.13.9)
+    nokogiri (1.13.10)
      mini_portile2 (~> 2.8.0)
      racc (~> 1.4)
    notify_with (0.0.2)
@ -305,7 +305,7 @@ GEM
    pundit (2.1.0)
      activesupport (>= 3.0.0)
    raabro (1.4.0)
-    racc (1.6.0)
+    racc (1.6.1)
    rack (2.2.4)
    rack-oauth2 (1.19.0)
      activesupport