ruby-nokogiri: update to 1.10.4.

Upstream changelog: https://github.com/sparklemotion/nokogiri/blob/v1.10.4/CHANGELOG.md # 1.10.4 / 2019-08-07 ### Security #### Address CVE-2019-5477 (#1915) A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's `Kernel.open` method. Processes are vulnerable only if the undocumented method `Nokogiri::CSS::Tokenizer#load_file` is being passed untrusted user input. This vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. Rexical is used by Nokogiri to generate lexical scanner code for parsing CSS queries. The underlying vulnerability was addressed in Rexical v1.0.7 and Nokogiri upgraded to this version of Rexical in Nokogiri v1.10.4. This CVE's public notice is https://github.com/sparklemotion/nokogiri/issues/1915
author: tsutsui <tsutsui@pkgsrc.org> 2019-08-11 23:14:47 +0000
committer: tsutsui <tsutsui@pkgsrc.org> 2019-08-11 23:14:47 +0000
commit: 71fd1fa4c8976580d2f55714946a31fda8ff5080 (patch)
tree: f9ad1fe6f05ac9702c7d86e9c784e200f28fcf4d /textproc/ruby-nokogiri
parent: aaf6ec319fcef695563ae5b2ed47e05d673d9f64 (diff)
download: pkgsrc-71fd1fa4c8976580d2f55714946a31fda8ff5080.tar.gz
2 files changed, 7 insertions, 7 deletions
diff --git a/textproc/ruby-nokogiri/Makefile b/textproc/ruby-nokogiri/Makefile
index 827f5af62f5..fe2f6796321 100644
--- a/textproc/ruby-nokogiri/Makefile
+++ b/textproc/ruby-nokogiri/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.46 2019/06/22 04:11:59 tsutsui Exp $
+# $NetBSD: Makefile,v 1.47 2019/08/11 23:14:47 tsutsui Exp $
 
-DISTNAME=	nokogiri-1.10.3
+DISTNAME=	nokogiri-1.10.4
 CATEGORIES=	textproc
 
 MAINTAINER=	tsutsui@NetBSD.org
diff --git a/textproc/ruby-nokogiri/distinfo b/textproc/ruby-nokogiri/distinfo
index 0b4e63a9137..d5dbc7262ce 100644
--- a/textproc/ruby-nokogiri/distinfo
+++ b/textproc/ruby-nokogiri/distinfo
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.33 2019/06/22 04:11:59 tsutsui Exp $
+$NetBSD: distinfo,v 1.34 2019/08/11 23:14:47 tsutsui Exp $
 
-SHA1 (nokogiri-1.10.3.gem) = 28e34a5d5cfcf6ddc75ddf689c3fda4c6708d8ad
-RMD160 (nokogiri-1.10.3.gem) = f109d98f3605e541805d5f4b5fd7d1f104c463a5
-SHA512 (nokogiri-1.10.3.gem) = a73b613964cfa712c574cc8b8366f461ba51647a001ccb1845853c5846de450f1631311d1ea6c776d74c0f06a146869cc283d670cb99de229945c8743be6cbc8
-Size (nokogiri-1.10.3.gem) = 8983040 bytes
+SHA1 (nokogiri-1.10.4.gem) = 528336a1ebac4758a01c643c0ad0031a33febe2c
+RMD160 (nokogiri-1.10.4.gem) = bbe35df76428c10446ebc16f7d1e2bd65ff6c0b8
+SHA512 (nokogiri-1.10.4.gem) = 4d852546d430d7de3da79d0b4006f71e9a909779a824530ced5df79a76dfd79ddc0415caa9f9bde582399abb816ea279de0fea6cdd40eafa0652347fb86aa220
+Size (nokogiri-1.10.4.gem) = 8983040 bytes
author	tsutsui <tsutsui@pkgsrc.org>	2019-08-11 23:14:47 +0000
committer	tsutsui <tsutsui@pkgsrc.org>	2019-08-11 23:14:47 +0000
commit	71fd1fa4c8976580d2f55714946a31fda8ff5080 (patch)
tree	f9ad1fe6f05ac9702c7d86e9c784e200f28fcf4d /textproc/ruby-nokogiri
parent	aaf6ec319fcef695563ae5b2ed47e05d673d9f64 (diff)
download	pkgsrc-71fd1fa4c8976580d2f55714946a31fda8ff5080.tar.gz