nokogiri version 1.7.1 has been released.
This is a security update based on 220.127.116.11, addressing two upstream libxml
2.9.4 vulnerabilities classified as "Medium" by Canonical, and CVSS3 score
of "5.3 Medium" by RedHat.
These patches only apply when using Nokogiri's vendored libxml2 package. If
you're using your distro's system libraries, there's no need to upgrade
from 18.104.22.168 at this time.
Full details are available at the github issue linked to in the changelog
# 1.7.1 / 2017-03-19
## Security Notes
[MRI] Upstream libxml2 patches are applied to the vendored libxml 2.9.4
which address CVE-2016-4658 and CVE-2016-5131.
For more information:
* [Windows only] Upgrade zlib from 1.2.8 to 1.2.11 (unless