From 6c63bab0d7f266447224ce9a9325813ba0fe12b6 Mon Sep 17 00:00:00 2001 From: Victor Koronen Date: Thu, 1 Nov 2018 21:59:33 +0100 Subject: [PATCH] Bump nokogiri to address CVE-2018-8048 and CVE-2018-14404 As reported by `bundler-audit`: Name: nokogiri Version: 1.8.2 Advisory: CVE-2018-8048 Criticality: Unknown URL: https://github.com/sparklemotion/nokogiri/pull/1746 Title: Revert libxml2 behavior in Nokogiri gem that could cause XSS Solution: upgrade to >= 1.8.3 Name: nokogiri Version: 1.8.2 Advisory: CVE-2018-14404 Criticality: Unknown URL: https://github.com/sparklemotion/nokogiri/issues/1785 Title: Nokogiri gem, via libxml2, is affected by multiple vulnerabilities Solution: upgrade to >= 1.8.5 --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 2da311c96..44bf7ece0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -76,7 +76,7 @@ GEM minitest (5.11.3) multi_json (1.12.1) multipart-post (2.0.0) - nokogiri (1.8.2) + nokogiri (1.8.5) mini_portile2 (~> 2.3.0) parser (2.3.0.6) ast (~> 2.2) @@ -222,4 +222,4 @@ RUBY VERSION ruby 2.3.3p222 BUNDLED WITH - 1.16.1 + 1.17.1
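Review bot: In the first hunk (`nokogiri (1.8.2)` to `nokogiri (1.8.5)`), the fix is recorded only in the lockfile. The diffstat lists Gemfile.lock as the sole changed file, so nothing in this patch declares 1.8.5 as the minimum safe version. If nokogiri is pulled in transitively, which this diff does not show, consider adding an explicit `>= 1.8.5` floor where the project's dependencies are declared, so a future re-resolve cannot drop below the release that the CVE-2018-14404 advisory names as the solution. Also confirm that `bundler-audit` reports no remaining nokogiri advisories against the updated lockfile. The unchanged `mini_portile2 (~> 2.3.0)` context line suggests the sub-dependency constraint is the same in both versions, so no further lockfile entries should need to move.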
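Review bot: In the second hunk, the `BUNDLED WITH` change from 1.16.1 to 1.17.1 is not mentioned in the commit message and is unrelated to the two nokogiri advisories. It looks like a side effect of regenerating the lockfile with a newer local Bundler. Either drop it from this patch so the security bump stays minimal and easy to backport, or note it in the commit message so that anyone whose CI or local environment still runs Bundler 1.16.x knows the change was deliberate.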