Skip to content

Commit

Permalink
update CHANGELOG with the GHSA
Browse files Browse the repository at this point in the history 
and markdown links to issues.
  • Loading branch information
@flavorjones
flavorjones committed May 14, 2021
1 parent 9d69b44 commit 4b9bfe3
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,9 @@ Nokogiri follows [Semantic Versioning](https://semver.org/), please see the [REA
- [CVE-2021-3537](https://security.archlinux.org/CVE-2021-3537)
- [CVE-2021-3541](https://security.archlinux.org/CVE-2021-3541)

Note that two additional CVEs were addressed upstream but are not relevant to this release. [CVE-2021-3516](https://security.archlinux.org/CVE-2021-3516) via `xmllint` is not present in Nokogiri, and [CVE-2020-7595](https://security.archlinux.org/CVE-2020-7595) has been patched in Nokogiri since v1.10.8 (see #1992).
Note that two additional CVEs were addressed upstream but are not relevant to this release. [CVE-2021-3516](https://security.archlinux.org/CVE-2021-3516) via `xmllint` is not present in Nokogiri, and [CVE-2020-7595](https://security.archlinux.org/CVE-2020-7595) has been patched in Nokogiri since v1.10.8 (see [#1992](https://github.com/sparklemotion/nokogiri/issues/1992)).

Please see #2233 for a more complete analysis of these CVEs and patches.
Please see [nokogiri/GHSA-7rrm-v45f-jp64 ](https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-7rrm-v45f-jp64) or [#2233](https://github.com/sparklemotion/nokogiri/issues/2233) for a more complete analysis of these CVEs and patches.


### Dependencies
Expand Down

0 comments on commit 4b9bfe3

Please sign in to comment.