Skip to content

Commit

Permalink
version bump to v1.13.6
Browse files Browse the repository at this point in the history
  • Loading branch information
flavorjones committed May 8, 2022
1 parent 61b1a39 commit b7817b6
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 1 deletion.
12 changes: 12 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,18 @@ Nokogiri follows [Semantic Versioning](https://semver.org/), please see the [REA

---

## 1.13.6 / 2022-05-08

### Security

* [CRuby] Address [CVE-2022-29181](https://nvd.nist.gov/vuln/detail/CVE-2022-29181), improper handling of unexpected data types, related to untrusted inputs to the SAX parsers. See [GHSA-xh29-r2w5-wx8m](https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m) for more information.


### Improvements

* `{HTML4,XML}::SAX::{Parser,ParserContext}` constructor methods now raise `TypeError` instead of segfaulting when an incorrect type is passed.


## 1.13.5 / 2022-05-04

### Security
Expand Down
2 changes: 1 addition & 1 deletion lib/nokogiri/version/constant.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,5 @@

module Nokogiri
# The version of Nokogiri you are using
VERSION = "1.13.5"
VERSION = "1.13.6"
end

0 comments on commit b7817b6

Please sign in to comment.