From 1799915e0f63b34d7aadf54d3efa92c30d9fcfd6 Mon Sep 17 00:00:00 2001
From: Charles Oliver Nutter
Date: Mon, 11 Sep 2023 19:37:41 +0200
Subject: [PATCH 1/2] Update to JRuby 9.4.3.0

JRuby 9.4.3.0 includes an udpated Psych YAML library, which uses SnakeYAML-Engine and avoids several CVEs against the original SnakeYAML. By updating here, downstream users of asciidoctorj will not run into security audit issues.
See related issues and PRs:
* https://github.com/jruby/jruby/issues/7570
* https://github.com/jruby/jruby/pull/7600
* https://github.com/jruby/jruby/pull/7626
* https://github.com/jruby/jruby/issues/7935
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index f821e0a4..01a0444a 100644
--- a/build.gradle
+++ b/build.gradle
@@ -69,7 +69,7 @@ ext {
 guavaVersion = '18.0'
 hamcrestVersion = '1.3'
 jcommanderVersion = '1.82'
- jrubyVersion = '9.4.2.0'
+ jrubyVersion = '9.4.3.0'
 jsoupVersion = '1.14.3'
 junitVersion = '4.13.2'
 assertjVersion = '3.19.0'

From 3b6641e95ee9d97ec68cc7592f35b8ecf4e66eff Mon Sep 17 00:00:00 2001
From: Robert Panzer
Date: Sun, 17 Sep 2023 17:14:55 +0200
Subject: [PATCH 2/2] Update changelog

---
 CHANGELOG.adoc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG.adoc b/CHANGELOG.adoc
index b0393e31..3e07a7ba 100644
--- a/CHANGELOG.adoc
+++ b/CHANGELOG.adoc
@@ -13,6 +13,10 @@ For a detailed view of what has changed, refer to the {url-repo}/commits/main[co
 == Unreleased
+Improvement::
+
+* Upgrade to JRuby 9.4.3.0 (#1235) (@headius)
+
 == 2.5.10 (2023-06-04)
 Improvement::