---
- branch: MAIN
  date: Sat Apr 16 14:28:18 UTC 2022
  files:
  - new: '1.70'
    old: '1.69'
    path: pkgsrc/textproc/ruby-nokogiri/Makefile
    pathrev: pkgsrc/textproc/ruby-nokogiri/Makefile@1.70
    type: modified
  - new: '1.50'
    old: '1.49'
    path: pkgsrc/textproc/ruby-nokogiri/distinfo
    pathrev: pkgsrc/textproc/ruby-nokogiri/distinfo@1.50
    type: modified
  id: 20220416T142818Z.ef49df7ef6d742b1b3941061e6fbd2e8e1c7485e
  log: |
    ruby-nokogiri: update to 1.13.4.

    Upstream changes:
     https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4

    1.13.4 / 2022-04-11

    Security

      * Address CVE-2022-24836, a regular expression denial-of-service
        vulnerability. See GHSA-crjr-9rc5-ghw8 for more information.
      * [CRuby] Vendored zlib is updated to address CVE-2018-25032. See
        GHSA-v6gp-9mmm-c6p5 for more information.
      * [JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated to address
        CVE-2022-23437. See GHSA-xxx9-3xcr-gjj3 for more information.
      * [JRuby] Vendored nekohtml (org.cyberneko.html) is updated to address
        CVE-2022-24839. See GHSA-gx8x-g87m-h5q6 for more information.

    Dependencies

      * [CRuby] Vendored zlib is updated from 1.2.11 to 1.2.12. (See
        LICENSE-DEPENDENCIES.md for details on which packages redistribute this
        library.)
      * [JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated from 2.12.0 to
        2.12.2.
      * [JRuby] Vendored nekohtml (org.cyberneko.html) is updated from a fork of
        1.9.21 to 1.9.22.noko2. This fork is now publicly developed at https://
        github.com/sparklemotion/nekohtml
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/textproc/ruby-nokogiri'
  unixtime: '1650119298'
  user: tsutsui