SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ruby3.1-rubygem-nokogiri-1_8-1.8.5-1.114.x86_64.rpm :

* Mon Oct 29 2018 mschnitzerAATTsuse.com- updated to version 1.8.5 [#]# Security Notes [MRI] Pulled in upstream patches from libxml2 that address CVE-2018-14404 and CVE-2018-14567. Full details are available in [#1785](https://github.com/sparklemotion/nokogiri/issues/1785). Note that these patches are not yet (as of 2018-10-04) in an upstream release of libxml2. [#]# Bug fixes
* [MRI] Fix regression in installation when building against system libraries, where some systems would not be able to find libxml2 or libxslt when present. (Regression introduced in v1.8.3.) [#1722]
* [JRuby] Fix node reparenting when the destination doc is empty. [#1773]
* Wed Jul 04 2018 factory-autoAATTkulow.org- updated to version 1.8.4 see installed CHANGELOG.md [#] 1.8.4 / 2018-07-03 [#]# Bug fixes
* [MRI] Fix memory leak when creating nodes with namespaces. (Introduced in v1.5.7) [#1771]
* Sat Jun 16 2018 factory-autoAATTkulow.org- updated to version 1.8.3 see installed CHANGELOG.md [#] 1.8.3 / 2018-06-16 [#]# Security Notes [MRI] Behavior in libxml2 has been reverted which caused CVE-2018-8048 (loofah gem), CVE-2018-3740 (sanitize gem), and CVE-2018-3741 (rails-html-sanitizer gem). The commit in question is here: > https://github.com/GNOME/libxml2/commit/960f0e2 and more information is available about this commit and its impact here: > https://github.com/flavorjones/loofah/issues/144 This release simply reverts the libxml2 commit in question to protect users of Nokogiri\'s vendored libraries from similar vulnerabilities. If you\'re offended by what happened here, I\'d kindly ask that you comment on the upstream bug report here: > https://bugzilla.gnome.org/show_bug.cgi?id=769760 [#]# Dependencies
* [MRI] libxml2 is updated from 2.9.7 to 2.9.8 [#]# Features
* Node#classes, #add_class, #append_class, and #remove_class are added.
* NodeSet#append_class is added.
* NodeSet#remove_attribute is a new alias for NodeSet#remove_attr.
* NodeSet#each now returns an Enumerator when no block is passed (Thanks, AATTpark53kr!)
* [JRuby] General improvements in JRuby implementation (Thanks, AATTkares!) [#]# Bug fixes
* CSS attribute selectors now gracefully handle queries using integers. [#711]
* Handle ASCII-8BIT encoding on fragment input [#553]
* Handle non-string return values within `Reader` [#898]
* [JRuby] Allow Node#replace to insert Comment and CDATA nodes. [#1666]
* [JRuby] Stability and speed improvements to `Node`, `Sax::PushParser`, and the JRuby implementation [#1708, #1710, #1501]
* Tue Jan 30 2018 cbruckmayerAATTsuse.com- Updated to version 1.8.2 Security Notes
* [MRI] The update of vendored libxml2 from 2.9.5 to 2.9.7 addresses at least one published vulnerability, CVE-2017-15412. [#1714 has complete details] Dependencies
* [MRI] libxml2 is updated from 2.9.5 to 2.9.7
* [MRI] libxml2 is updated from 1.1.30 to 1.1.32 Features
* [MRI] OpenBSD installation should be a bit easier now. [#1685] (Thanks, AATTjeremyevans!)
* [MRI] Cross-built Windows gems now support Ruby 2.5 Bug fixes
* Node#serialize once again returns UTF-8-encoded strings. [#1659]
* [JRuby] made SAX parsing of characters consistent with C implementation [#1676] (Thanks, AATTandrew-aladev!)
* [MRI] Predefined entities, when inspected, no longer cause a segfault. [#1238]
* Wed Sep 20 2017 opensuse_buildserviceAATTojkastl.de- rename package, as this is a versioned gem
* Wed Sep 20 2017 bgeukenAATTsuse.com- Updated to version 1.8.1 From the upstream changelog: Dependencies [MRI] libxml2 is updated from 2.9.4 to 2.9.5. [MRI] libxslt is updated from 1.1.29 to 1.1.30. [MRI] optional dependency on the pkg-config gem has had its constraint loosened to ~> 1.1 (from ~> 1.1.7). [#1660] [MRI] Upgrade mini_portile2 dependency from ~> 2.2.0 to ~> 2.3.0, which will validate checksums on the vendored libxml2 and libxslt tarballs before using them. Bugs NodeSet#first with an integer argument longer than the length of the NodeSet now correctly clamps the length of the returned NodeSet to the original length. [#1650] (Thanks, AATTDerenge!) [MRI] Ensure CData.new raises TypeError if the content argument is not implicitly convertible into a string. [#1669]
* Sun Sep 17 2017 opensuse_buildserviceAATTojkastl.de- changed requirements for rubygem-mini_portile2 and rubygem-pkg-config in gem2rpm, to allow builds for multiple ruby versions
* Tue Jul 25 2017 opensuse_buildserviceAATTojkastl.de- removed BuildRequires for ruby2.2 and ruby2.3 versions of mini_portile2 and pkg-config
* Tue Jun 06 2017 cooloAATTsuse.com- updated to version 1.8.0 see installed CHANGELOG.md [#] 1.8.0 / 2017-06-04 [#]# Backwards incompatibilities This release ends support for Ruby 2.1 on Windows in the `x86-mingw32` and `x64-mingw32` platform gems (containing pre-compiled DLLs). Official support ended for Ruby 2.1 on 2017-04-01. Please note that this deprecation note only applies to the precompiled Windows gems. Ruby 2.1 continues to be supported (for now) in the default gem when compiled on installation. [#]# Dependencies
* [Windows] Upgrade iconv from 1.14 to 1.15 (unless --use-system-libraries)
* [Windows] Upgrade zlib from 1.2.8 to 1.2.11 (unless --use-system-libraries)
* [MRI] Upgrade rake-compiler dependency from 0.9.2 to 1.0.3
* [MRI] Upgrade mini-portile2 dependency from `~> 2.1.0` to `~> 2.2.0` [#]# Compatibility notes
* [JRuby] Removed support for `jruby --1.8` code paths. [#1607] (Thanks, AATTkares!)
* [MRI Windows] Retrieve zlib source from http://zlib.net/fossils to avoid deprecation issues going forward. See #1632 for details around this problem. [#]# Features
* NodeSet#clone is not an alias for NodeSet#dup [#1503] (Thanks, AATTstephankaag!)
* Allow Processing Instructions and Comments as children of a document root. [#1033] (Thanks, AATTwindwiny!)
* [MRI] PushParser#replace_entities and #replace_entities= will control whether entities are replaced or not. [#1017] (Thanks, AATTspraints!)
* [MRI] SyntaxError#to_s now includes line number, column number, and log level if made available by the parser. [#1304, #1637] (Thanks, AATTspk and AATTccarruitero!)
* [MRI] Cross-built Windows gems now support Ruby 2.4
* [MRI] Support for frozen string literals. [#1413]
* [MRI] Support for installing Nokogiri on a machine in FIPS-enabled mode [#1544]
* [MRI] Vendored libraries are verified with SHA-256 hashes (formerly some MD5 hashes were used) [#1544]
* [JRuby] (performance) remove unnecessary synchronization of class-cache [#1563] (Thanks, AATTkares!)
* [JRuby] (performance) remove unnecessary cloning of objects in XPath searches [#1563] (Thanks, AATTkares!)
* [JRuby] (performance) more performance improvements, particularly in XPath, Reader, XmlNode, and XmlNodeSet [#1597] (Thanks, AATTkares!) [#]# Bugs
* HTML::SAX::Parser#parse_io now correctly parses HTML and not XML [#1577] (Thanks for the test case, AATTgregors!)
* Support installation on systems with a `lib64` site config. [#1562]
* [MRI] on OpenBSD, do not require gcc if using system libraries [#1515] (Thanks, AATTjeremyevans!)
* [MRI] XML::Attr.new checks type of Document arg to prevent segfaults. [#1477]
* [MRI] Prefer xmlCharStrdup (and friends) to strdup (and friends), which can cause problems on some platforms. [#1517] (Thanks, AATTjeremy!)
* [JRuby] correctly append a text node before another text node [#1318] (Thanks, AATTjkraemer!)
* [JRuby] custom xpath functions returning an integer now work correctly [#1595] (Thanks, AATTkares!)
* [JRuby] serializing (`#to_html`, `#to_s`, et al) a document with explicit encoding now works correctly. [#1281, #1440] (Thanks, AATTkares!)
* [JRuby] XML::Reader now returns parse errors [#1586] (Thanks, AATTkares!)
* [JRuby] Empty NodeSets are now decorated properly. [#1319] (Thanks, AATTkares!)
* [JRuby] Merged nodes no longer results in Java exceptions during XPath queries. [#1320] (Thanks, AATTkares!)
* Tue May 23 2017 cooloAATTsuse.com- updated to version 1.7.2 see installed CHANGELOG.md [#] 1.7.2 / 2017-05-09 [#]# Security Notes [MRI] Upstream libxslt patches are applied to the vendored libxslt 1.1.29 which address CVE-2017-5029 and CVE-2016-4738. For more information:
* https://github.com/sparklemotion/nokogiri/issues/1634
* http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5029.html
* http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4738.html
  
ICM