1.11.4 / 2021-05-14 #2236

flavorjones · 2021-05-14T23:32:55Z

flavorjones
May 14, 2021
Maintainer

1.11.4 / 2021-05-14

Security

[CRuby] Vendored libxml2 upgraded to v2.9.12 which addresses:

Note that two additional CVEs were addressed upstream but are not relevant to this release. CVE-2021-3516 via xmllint is not present in Nokogiri, and CVE-2020-7595 has been patched in Nokogiri since v1.10.8 (see #1992).

Please see nokogiri/GHSA-7rrm-v45f-jp64 or #2233 for a more complete analysis of these CVEs and patches.

Dependencies

[CRuby] vendored libxml2 is updated from 2.9.10 to 2.9.12. (Note that 2.9.11 was skipped because it was superseded by 2.9.12 a few hours after its release.)

This discussion was created from the release 1.11.4 / 2021-05-14.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

1.11.4 / 2021-05-14 #2236

{{title}}

Replies: 0 comments

Select a reply

1.11.4 / 2021-05-14 #2236

flavorjones May 14, 2021 Maintainer

1.11.4 / 2021-05-14

Security

Dependencies

Replies: 0 comments

flavorjones
May 14, 2021
Maintainer