From 5d8ee1250f028d9e0650fb65681c9c5ae49bece4 Mon Sep 17 00:00:00 2001
From: Jon Moss <me@jonathanmoss.me>
Date: Thu, 17 Dec 2015 17:35:25 -0500
Subject: [PATCH] Require Nokogiri >= 1.6.7.1

Many CVEs released: https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
---
 Gemfile      | 2 +-
 Gemfile.lock | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Gemfile b/Gemfile
index ef17ed735c8..b6e2760d9eb 100644
--- a/Gemfile
+++ b/Gemfile
@@ -85,7 +85,7 @@ group :test do
 end
 
 platforms :ruby, :mswin, :mswin64, :mingw, :x64_mingw do
-  gem 'nokogiri', '>= 1.6.7'
+  gem 'nokogiri', '>= 1.6.7.1'
 
   # Needed for compiling the ActionDispatch::Journey parser.
   gem 'racc', '>=1.4.6', require: false
diff --git a/Gemfile.lock b/Gemfile.lock
index 8cf764797cd..1006143f541 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -327,7 +327,7 @@ DEPENDENCIES
   mocha (~> 0.14)
   mysql (>= 2.9.0)
   mysql2 (>= 0.4.0)
-  nokogiri (>= 1.6.7)
+  nokogiri (>= 1.6.7.1)
   pg (>= 0.18.0)
   psych (~> 2.0)
   puma