At the request of Nokogiri users, this CVE fix has also been backported to
the unsupported v1.15.x branch and released in v1.15.6.
https://github.com/sparklemotion/nokogiri/releases/tag/v1.15.6
The v1.15.x branch is still unsupported, and no future support should be
inferred. No further releases on this branch are planned.
On Sun, Feb 4, 2024 at 11:59 AM Mike Dalessio <mike.dalessio(a)gmail.com>
wrote:
Nokogiri v1.16.2 has been released with a security
update for CRuby users.
The release notes [1] are reproduced here for your convenience.
[1]:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.16.2
---
v1.16.2 / 2024-02-04Security
- [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See
GHSA-xc9x-jj77-9p9j
<https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xc9x-jj77-9p9j>
for
more information.
Dependencies
- [CRuby] Vendored libxml2 is updated to v2.12.5
<https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.5> from
v2.12.4. (@flavorjones <https://github.com/flavorjones>)
------------------------------
sha256 checksums:
69ba15d2a2498324489ed63850997f0b8f684260114ea81116d3082f16551d2d
nokogiri-1.16.2-aarch64-linux.gem
6a05ce42e3587a40cf8936ece0beaa5d32922254215d2e8cf9ad40588bb42e57
nokogiri-1.16.2-arm-linux.gem
c957226c8e36b31be6a3afb8602e2128282bf8b40ea51016c4cd21aa2608d3f8
nokogiri-1.16.2-arm64-darwin.gem
122652bfc338cd8a54a692ac035e245e41fd3b8283299202ca26e7a7d50db310
nokogiri-1.16.2-java.gem
7344b5072ca69fc5bedb61cb01a3b765b93a27aae5a2a845c2ba7200e4345074
nokogiri-1.16.2-x64-mingw-ucrt.gem
a2a5e184a424111a0d5b77947986484920ad708009c667f061e8d02035c562dd
nokogiri-1.16.2-x64-mingw32.gem
833efddeb51a6c2c9f6356295623c2b2e0d50050d468695c59bd929162953323
nokogiri-1.16.2-x86-linux.gem
e67fc0418dffaff9dc8b1dc65f0605282c3fee9488832d0223b620b4319e0b53
nokogiri-1.16.2-x86-mingw32.gem
5def799e5f139f21a79d7cf71172313a7b6fb0e4b2a31ab9bd5d4ad305994539
nokogiri-1.16.2-x86_64-darwin.gem
5b146240ac6ec6c40fd4367623e74442bca45a542bd3282b1d4d18b07b8e5dfe
nokogiri-1.16.2-x86_64-linux.gem
68922ee5cde27497d995c46f2821957bae961947644eed2822d173daf7567f9c nokogiri-1.16.2.gem