[ANN] nokogiri security update 1.8.1 Released

nokogiri version 1.8.1 has been released.

This is primarily a security update, wherein the vendored libxml2 and
libxslt versions have been updated:

   - libxml 2.9.5
   - libxslt 1.1.30

which address the CVEs called out in USN3424-1 [1].

These patches only apply when using Nokogiri's vendored libxml2 library. If
you're using your distro's system libraries, there's no security need to
upgrade at this time.

Full details are available at this github issue [2].

  [1]: https://usn.ubuntu.com/usn/usn-3424-1/
  [2]: https://github.com/sparklemotion/nokogiri/issues/1673

Full changelog entry:

## Dependencies

* [MRI] libxml2 is updated from 2.9.4 to 2.9.5.
* [MRI] libxslt is updated from 1.1.29 to 1.1.30.
* [MRI] optional dependency on the pkg-config gem has had its constraint
loosened to `~> 1.1` (from `~> 1.1.7`). [#1660]
* [MRI] Upgrade mini_portile2 dependency from `~> 2.2.0` to `~> 2.3.0`,
which will validate checksums on the vendored libxml2 and libxslt tarballs
before using them.

## Bugs

* NodeSet#first with an integer argument longer than the length of the
NodeSet now correctly clamps the length of the returned NodeSet to the
original length. [#1650] (Thanks, @Derenge!)
* [MRI] Ensure CData.new raises TypeError if the `content` argument is not
implicitly convertible into a string. [#1669]