RubyGems - nokogiri - Versions diffs - 1.6.6.2-java → 1.6.6.3-java - Mend

nokogiri 1.6.6.2-java → 1.6.6.3-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of nokogiri might be problematic. Click here for more details.

Files changed (15) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6f9efa7d47083304b1b3d5e4db4709e9d2802866
-  data.tar.gz: 1c1281fa6f08dd915e41be8630ccc3e3819106a9
+  metadata.gz: ae89053e5784e4c1a057862f583ac6648ab9bc0c
+  data.tar.gz: 61ebd1a5ab0fa50d67db56b521586a75b2b804eb
 SHA512:
-  metadata.gz: 5e2143b7ff366e81359b93e7442ba4dcfe05ba55f231e4ef49669c3cd1c1043c5f3b9a7370f32954e8eb3d97b294bd3db08142e1673a727889bb637f18884060
-  data.tar.gz: 3c465e045b82a508c342657552c7c9f8af61fd8bf4a881754de38cb454d7537e1800ec0881e2dcb5a1b5c123bcf7ae5f18e67d79c9cc35a1861b6bc60203c664
+  metadata.gz: e697f04c52deb9d99c8e7db453fb897ecf3c3dd90dfeb50b9d6545345cbe03b9471ae5df72faa95dc0ec0314fe803a5b9219ad0d8088ed061309c2cef1a20176
+  data.tar.gz: d3bfbdc091286f7e4f9dcadd2b79ebe13fe71aa23af6efa56909bb4d2bf5c50f573cd319ccf72f6c7460f59a4ed3df8f211e9f347e89de81446738734c27a53f

data/CHANGELOG.ja.rdoc CHANGED

@@ -1,3 +1,18 @@
+=== 1.6.6.3 / 2015-11-16
+This version pulls in several upstream patches to the vendored libxml2 and libxslt to address:
+* CVE-2015-1819
+* CVE-2015-7941_1
+* CVE-2015-7941_2
+* CVE-2015-7942
+* CVE-2015-7942-2
+* CVE-2015-8035
+* CVE-2015-7995
+See #1374 for details.
 === 1.6.6.2 / 2015年01月23日
 ==== Bug fixes

data/CHANGELOG.rdoc CHANGED

@@ -1,3 +1,18 @@
+=== 1.6.6.3 / 2015-11-16
+This version pulls in several upstream patches to the vendored libxml2 and libxslt to address:
+* CVE-2015-1819
+* CVE-2015-7941_1
+* CVE-2015-7941_2
+* CVE-2015-7942
+* CVE-2015-7942-2
+* CVE-2015-8035
+* CVE-2015-7995
+See #1374 for details.
 === 1.6.6.2 / 2015-01-23
 ==== Bug fixes

data/Manifest.txt CHANGED

@@ -244,6 +244,12 @@ lib/xercesImpl.jar
 lib/xsd/xmlparser/nokogiri.rb
 ports/patches/libxml2/0001-Revert-Missing-initialization-for-the-catalog-module.patch
 ports/patches/libxml2/0002-Fix-missing-entities-after-CVE-2014-3660-fix.patch
+ports/patches/libxml2/0003-Stop-parsing-on-entities-boundaries-errors.patch
+ports/patches/libxml2/0004-Cleanup-conditional-section-error-handling.patch
+ports/patches/libxml2/0005-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
+ports/patches/libxml2/0006-Another-variation-of-overflow-in-Conditional-section.patch
+ports/patches/libxml2/0007-Fix-an-error-in-previous-Conditional-section-patch.patch
+ports/patches/libxml2/0008-CVE-2015-8035-Fix-XZ-compression-support-loop.patch
 ports/patches/libxslt/0001-Adding-doc-update-related-to-1.1.28.patch
 ports/patches/libxslt/0002-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch
 ports/patches/libxslt/0003-Initialize-pseudo-random-number-generator-with-curre.patch
@@ -256,6 +262,7 @@ ports/patches/libxslt/0010-Fix-handling-of-UTF-8-strings-in-EXSLT-crypto-module.
 ports/patches/libxslt/0013-Memory-leak-in-xsltCompileIdKeyPattern-error-path.patch
 ports/patches/libxslt/0014-Fix-for-bug-436589.patch
 ports/patches/libxslt/0015-Fix-mkdir-for-mingw.patch
+ports/patches/libxslt/0016-Fix-for-type-confusion-in-preprocessing-attributes.patch
 ports/patches/sort-patches-by-date
 suppressions/README.txt
 suppressions/nokogiri_ree-1.8.7.358.supp

data/lib/nokogiri/nokogiri.jar CHANGED

Binary file

data/lib/nokogiri/version.rb CHANGED

@@ -1,6 +1,6 @@
 module Nokogiri
   # The version of Nokogiri you are using
-  VERSION = '1.6.6.2'
+  VERSION = '1.6.6.3'
   class VersionInfo # :nodoc:
     def jruby?

data/ports/patches/libxml2/0003-Stop-parsing-on-entities-boundaries-errors.patch ADDED

@@ -0,0 +1,32 @@
+From 99d99063ae5c4b6bd2b58324273401f3ce42a550 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Mon, 23 Feb 2015 11:17:35 +0800
+Subject: [PATCH 3/8] Stop parsing on entities boundaries errors
+For https://bugzilla.gnome.org/show_bug.cgi?id=744980
+There are times, like on unterminated entities that it's preferable to
+stop parsing, even if that means less error reporting. Entities are
+feeding the parser on further processing, and if they are ill defined
+then it's possible to get the parser to bug. Also do the same on
+Conditional Sections if the input is broken, as the structure of
+the document can't be guessed.
+---
+ parser.c | 1 +
+ 1 file changed, 1 insertion(+)
+diff --git a/parser.c b/parser.c
+index 1d93967..7b0380c 100644
+--- a/parser.c
++++ b/parser.c
+@@ -5658,6 +5658,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt) {
+ 	if (RAW != '>') {
+ 	    xmlFatalErrMsgStr(ctxt, XML_ERR_ENTITY_NOT_FINISHED,
+ 	            "xmlParseEntityDecl: entity %s not terminated\n", name);
++	    xmlStopParser(ctxt);
+ 	} else {
+ 	    if (input != ctxt->input) {
+ 		xmlFatalErrMsg(ctxt, XML_ERR_ENTITY_BOUNDARY,
+--
+2.5.0

data/ports/patches/libxml2/0004-Cleanup-conditional-section-error-handling.patch ADDED

@@ -0,0 +1,49 @@
+From c8d3950c5532c2e3d954bacdb8c479bb9fdacf89 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Mon, 23 Feb 2015 11:29:20 +0800
+Subject: [PATCH 4/8] Cleanup conditional section error handling
+For https://bugzilla.gnome.org/show_bug.cgi?id=744980
+The error handling of Conditional Section also need to be
+straightened as the structure of the document can't be
+guessed on a failure there and it's better to stop parsing
+as further errors are likely to be irrelevant.
+---
+ parser.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+diff --git a/parser.c b/parser.c
+index 7b0380c..1e714e7 100644
+--- a/parser.c
++++ b/parser.c
+@@ -6770,6 +6770,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
+ 	SKIP_BLANKS;
+ 	if (RAW != '[') {
+ 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
++	    xmlStopParser(ctxt);
++	    return;
+ 	} else {
+ 	    if (ctxt->input->id != id) {
+ 		xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY,
+@@ -6830,6 +6832,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
+ 	SKIP_BLANKS;
+ 	if (RAW != '[') {
+ 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
++	    xmlStopParser(ctxt);
++	    return;
+ 	} else {
+ 	    if (ctxt->input->id != id) {
+ 		xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY,
+@@ -6885,6 +6889,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
+     } else {
+ 	xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID_KEYWORD, NULL);
++	xmlStopParser(ctxt);
++	return;
+     }
+     if (RAW == 0)
+--
+2.5.0

data/ports/patches/libxml2/0005-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch ADDED

@@ -0,0 +1,177 @@
+From 12f31177b0d9be57ed8fb3467b501606fb145286 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Tue, 14 Apr 2015 17:41:48 +0800
+Subject: [PATCH 5/8] CVE-2015-1819 Enforce the reader to run in constant
+ memory
+One of the operation on the reader could resolve entities
+leading to the classic expansion issue. Make sure the
+buffer used for xmlreader operation is bounded.
+Introduce a new allocation type for the buffers for this effect.
+---
+ buf.c                 | 43 ++++++++++++++++++++++++++++++++++++++++++-
+ include/libxml/tree.h |  3 ++-
+ xmlreader.c           | 20 +++++++++++++++++++-
+ 3 files changed, 63 insertions(+), 3 deletions(-)
+diff --git a/buf.c b/buf.c
+index 6efc7b6..07922ff 100644
+--- a/buf.c
++++ b/buf.c
+@@ -27,6 +27,7 @@
+ #include <libxml/tree.h>
+ #include <libxml/globals.h>
+ #include <libxml/tree.h>
++#include <libxml/parserInternals.h> /* for XML_MAX_TEXT_LENGTH */
+ #include "buf.h"
+ #define WITH_BUFFER_COMPAT
+@@ -299,7 +300,8 @@ xmlBufSetAllocationScheme(xmlBufPtr buf,
+     if ((scheme == XML_BUFFER_ALLOC_DOUBLEIT) ||
+         (scheme == XML_BUFFER_ALLOC_EXACT) ||
+         (scheme == XML_BUFFER_ALLOC_HYBRID) ||
+-        (scheme == XML_BUFFER_ALLOC_IMMUTABLE)) {
++        (scheme == XML_BUFFER_ALLOC_IMMUTABLE) ||
++	(scheme == XML_BUFFER_ALLOC_BOUNDED)) {
+ 	buf->alloc = scheme;
+         if (buf->buffer)
+             buf->buffer->alloc = scheme;
+@@ -458,6 +460,18 @@ xmlBufGrowInternal(xmlBufPtr buf, size_t len) {
+     size = buf->use + len + 100;
+ #endif
++    if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++        /*
++	 * Used to provide parsing limits
++	 */
++        if ((buf->use + len >= XML_MAX_TEXT_LENGTH) ||
++	    (buf->size >= XML_MAX_TEXT_LENGTH)) {
++	    xmlBufMemoryError(buf, "buffer error: text too long\n");
++	    return(0);
++	}
++	if (size >= XML_MAX_TEXT_LENGTH)
++	    size = XML_MAX_TEXT_LENGTH;
++    }
+     if ((buf->alloc == XML_BUFFER_ALLOC_IO) && (buf->contentIO != NULL)) {
+         size_t start_buf = buf->content - buf->contentIO;
+@@ -739,6 +753,15 @@ xmlBufResize(xmlBufPtr buf, size_t size)
+     CHECK_COMPAT(buf)
+     if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return(0);
++    if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++        /*
++	 * Used to provide parsing limits
++	 */
++        if (size >= XML_MAX_TEXT_LENGTH) {
++	    xmlBufMemoryError(buf, "buffer error: text too long\n");
++	    return(0);
++	}
++    }
+     /* Don't resize if we don't have to */
+     if (size < buf->size)
+@@ -867,6 +890,15 @@ xmlBufAdd(xmlBufPtr buf, const xmlChar *str, int len) {
+     needSize = buf->use + len + 2;
+     if (needSize > buf->size){
++	if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++	    /*
++	     * Used to provide parsing limits
++	     */
++	    if (needSize >= XML_MAX_TEXT_LENGTH) {
++		xmlBufMemoryError(buf, "buffer error: text too long\n");
++		return(-1);
++	    }
++	}
+         if (!xmlBufResize(buf, needSize)){
+ 	    xmlBufMemoryError(buf, "growing buffer");
+             return XML_ERR_NO_MEMORY;
+@@ -938,6 +970,15 @@ xmlBufAddHead(xmlBufPtr buf, const xmlChar *str, int len) {
+     }
+     needSize = buf->use + len + 2;
+     if (needSize > buf->size){
++	if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++	    /*
++	     * Used to provide parsing limits
++	     */
++	    if (needSize >= XML_MAX_TEXT_LENGTH) {
++		xmlBufMemoryError(buf, "buffer error: text too long\n");
++		return(-1);
++	    }
++	}
+         if (!xmlBufResize(buf, needSize)){
+ 	    xmlBufMemoryError(buf, "growing buffer");
+             return XML_ERR_NO_MEMORY;
+diff --git a/include/libxml/tree.h b/include/libxml/tree.h
+index 2f90717..4a9b3bc 100644
+--- a/include/libxml/tree.h
++++ b/include/libxml/tree.h
+@@ -76,7 +76,8 @@ typedef enum {
+     XML_BUFFER_ALLOC_EXACT,	/* grow only to the minimal size */
+     XML_BUFFER_ALLOC_IMMUTABLE, /* immutable buffer */
+     XML_BUFFER_ALLOC_IO,	/* special allocation scheme used for I/O */
+-    XML_BUFFER_ALLOC_HYBRID	/* exact up to a threshold, and doubleit thereafter */
++    XML_BUFFER_ALLOC_HYBRID,	/* exact up to a threshold, and doubleit thereafter */
++    XML_BUFFER_ALLOC_BOUNDED	/* limit the upper size of the buffer */
+ } xmlBufferAllocationScheme;
+ /**
+diff --git a/xmlreader.c b/xmlreader.c
+index f19e123..471e7e2 100644
+--- a/xmlreader.c
++++ b/xmlreader.c
+@@ -2091,6 +2091,9 @@ xmlNewTextReader(xmlParserInputBufferPtr input, const char *URI) {
+ 		"xmlNewTextReader : malloc failed\n");
+ 	return(NULL);
+     }
++    /* no operation on a reader should require a huge buffer */
++    xmlBufSetAllocationScheme(ret->buffer,
++			      XML_BUFFER_ALLOC_BOUNDED);
+     ret->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler));
+     if (ret->sax == NULL) {
+ 	xmlBufFree(ret->buffer);
+@@ -3616,6 +3619,7 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) {
+ 	    return(((xmlNsPtr) node)->href);
+         case XML_ATTRIBUTE_NODE:{
+ 	    xmlAttrPtr attr = (xmlAttrPtr) node;
++	    const xmlChar *ret;
+ 	    if ((attr->children != NULL) &&
+ 	        (attr->children->type == XML_TEXT_NODE) &&
+@@ -3629,10 +3633,21 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) {
+                                         "xmlTextReaderSetup : malloc failed\n");
+                         return (NULL);
+                     }
++		    xmlBufSetAllocationScheme(reader->buffer,
++		                              XML_BUFFER_ALLOC_BOUNDED);
+                 } else
+                     xmlBufEmpty(reader->buffer);
+ 	        xmlBufGetNodeContent(reader->buffer, node);
+-		return(xmlBufContent(reader->buffer));
++		ret = xmlBufContent(reader->buffer);
++		if (ret == NULL) {
++		    /* error on the buffer best to reallocate */
++		    xmlBufFree(reader->buffer);
++		    reader->buffer = xmlBufCreateSize(100);
++		    xmlBufSetAllocationScheme(reader->buffer,
++		                              XML_BUFFER_ALLOC_BOUNDED);
++		    ret = BAD_CAST "";
++		}
++		return(ret);
+ 	    }
+ 	    break;
+ 	}
+@@ -5131,6 +5146,9 @@ xmlTextReaderSetup(xmlTextReaderPtr reader,
+                         "xmlTextReaderSetup : malloc failed\n");
+         return (-1);
+     }
++    /* no operation on a reader should require a huge buffer */
++    xmlBufSetAllocationScheme(reader->buffer,
++			      XML_BUFFER_ALLOC_BOUNDED);
+     if (reader->sax == NULL)
+ 	reader->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler));
+     if (reader->sax == NULL) {
+--
+2.5.0

data/ports/patches/libxml2/0006-Another-variation-of-overflow-in-Conditional-section.patch ADDED

@@ -0,0 +1,32 @@
+From 9ee30e69f63379b3caf451aa7ae4058a1fa2fa73 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Fri, 23 Oct 2015 19:02:28 +0800
+Subject: [PATCH 6/8] Another variation of overflow in Conditional sections
+Which happen after the previous fix to
+https://bugzilla.gnome.org/show_bug.cgi?id=756456
+But stopping the parser and exiting we didn't pop the intermediary entities
+and doing the SKIP there applies on an input which may be too small
+---
+ parser.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+diff --git a/parser.c b/parser.c
+index 1e714e7..0b8d633 100644
+--- a/parser.c
++++ b/parser.c
+@@ -6904,7 +6904,9 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
+ 	"All markup of the conditional section is not in the same entity\n",
+ 				 NULL, NULL);
+ 	}
+-        SKIP(3);
++	if ((ctxt-> instate != XML_PARSER_EOF) &&
++	    ((ctxt->input->cur + 3) < ctxt->input->end))
++	    SKIP(3);
+     }
+ }
+--
+2.5.0

data/ports/patches/libxml2/0007-Fix-an-error-in-previous-Conditional-section-patch.patch ADDED

@@ -0,0 +1,28 @@
+From 587f0e0133f51f3e09d1166cc0f6b24b50ddb357 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Tue, 27 Oct 2015 10:53:44 +0800
+Subject: [PATCH 7/8] Fix an error in previous Conditional section patch
+an off by one mistake in the change, led to error on correct
+document where the end of the included entity was exactly
+the end of the conditional section, leading to regtest failure
+---
+ parser.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/parser.c b/parser.c
+index 0b8d633..0650d2a 100644
+--- a/parser.c
++++ b/parser.c
+@@ -6905,7 +6905,7 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
+ 				 NULL, NULL);
+ 	}
+ 	if ((ctxt-> instate != XML_PARSER_EOF) &&
+-	    ((ctxt->input->cur + 3) < ctxt->input->end))
++	    ((ctxt->input->cur + 3) <= ctxt->input->end))
+ 	    SKIP(3);
+     }
+ }
+--
+2.5.0

data/ports/patches/libxml2/0008-CVE-2015-8035-Fix-XZ-compression-support-loop.patch ADDED

@@ -0,0 +1,31 @@
+From 8f905eeb2aa553ee50194ed38db7186653ec6e1c Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Tue, 3 Nov 2015 15:31:25 +0800
+Subject: [PATCH 8/8] CVE-2015-8035 Fix XZ compression support loop
+For https://bugzilla.gnome.org/show_bug.cgi?id=757466
+DoS when parsing specially crafted XML document if XZ support
+is compiled in (which wasn't the case for 2.9.2 and master since
+Nov 2013, fixed in next commit !)
+---
+ xzlib.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+diff --git a/xzlib.c b/xzlib.c
+index 0dcb9f4..1fab546 100644
+--- a/xzlib.c
++++ b/xzlib.c
+@@ -581,6 +581,10 @@ xz_decomp(xz_statep state)
+             xz_error(state, LZMA_DATA_ERROR, "compressed data error");
+             return -1;
+         }
++        if (ret == LZMA_PROG_ERROR) {
++            xz_error(state, LZMA_PROG_ERROR, "compression error");
++            return -1;
++        }
+     } while (strm->avail_out && ret != LZMA_STREAM_END);
+     /* update available output and crc check value */
+--
+2.5.0

data/ports/patches/libxslt/0016-Fix-for-type-confusion-in-preprocessing-attributes.patch ADDED

@@ -0,0 +1,29 @@
+From 5865b9545891a38608374ff6458663e483a0dfb5 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Thu, 29 Oct 2015 19:33:23 +0800
+Subject: [PATCH] Fix for type confusion in preprocessing attributes
+CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10
+We need to check that the parent node is an element before dereferencing
+its namespace
+---
+ libxslt/preproc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+diff --git a/libxslt/preproc.c b/libxslt/preproc.c
+index 4ef3f63..dac6acb 100644
+--- a/libxslt/preproc.c
++++ b/libxslt/preproc.c
+@@ -2245,7 +2245,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) {
+ 	} else if (IS_XSLT_NAME(inst, "attribute")) {
+ 	    xmlNodePtr parent = inst->parent;
+-	    if ((parent == NULL) || (parent->ns == NULL) ||
++	    if ((parent == NULL) ||
++	        (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) ||
+ 		((parent->ns != inst->ns) &&
+ 		 (!xmlStrEqual(parent->ns->href, inst->ns->href))) ||
+ 		(!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) {
+--
+2.5.0

data/test_all CHANGED

@@ -14,11 +14,11 @@
 RUBIES="\
   ruby-2.2 \
   ruby-2.1 \
-  ruby-2.0.0-p598 \
+  ruby-2.0.0-p647 \
   ruby-1.9.3-p551 \
   ruby-1.9.2-p330 \
-  jruby-9.0.0.0.pre1 \
-  jruby-1.7.18
+  jruby-9.0.4.0 \
+  jruby-1.7.19
   "
 TEST_LOG=test.log

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nokogiri
 version: !ruby/object:Gem::Version
-  version: 1.6.6.2
+  version: 1.6.6.3
 platform: java
 authors:
 - Aaron Patterson
@@ -12,7 +12,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-01-23 00:00:00.000000000 Z
+date: 2015-11-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rdoc
@@ -160,12 +160,12 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '3.13'
+        version: '3.14'
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '3.13'
+        version: '3.14'
   prerelease: false
   type: :development
 description: |-
@@ -431,6 +431,7 @@ files:
 - lib/nokogiri/html/sax/parser.rb
 - lib/nokogiri/html/sax/parser_context.rb
 - lib/nokogiri/html/sax/push_parser.rb
+- lib/nokogiri/nokogiri.jar
 - lib/nokogiri/syntax_error.rb
 - lib/nokogiri/version.rb
 - lib/nokogiri/xml.rb
@@ -475,6 +476,12 @@ files:
 - lib/xsd/xmlparser/nokogiri.rb
 - ports/patches/libxml2/0001-Revert-Missing-initialization-for-the-catalog-module.patch
 - ports/patches/libxml2/0002-Fix-missing-entities-after-CVE-2014-3660-fix.patch
+- ports/patches/libxml2/0003-Stop-parsing-on-entities-boundaries-errors.patch
+- ports/patches/libxml2/0004-Cleanup-conditional-section-error-handling.patch
+- ports/patches/libxml2/0005-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
+- ports/patches/libxml2/0006-Another-variation-of-overflow-in-Conditional-section.patch
+- ports/patches/libxml2/0007-Fix-an-error-in-previous-Conditional-section-patch.patch
+- ports/patches/libxml2/0008-CVE-2015-8035-Fix-XZ-compression-support-loop.patch
 - ports/patches/libxslt/0001-Adding-doc-update-related-to-1.1.28.patch
 - ports/patches/libxslt/0002-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch
 - ports/patches/libxslt/0003-Initialize-pseudo-random-number-generator-with-curre.patch
@@ -487,6 +494,7 @@ files:
 - ports/patches/libxslt/0013-Memory-leak-in-xsltCompileIdKeyPattern-error-path.patch
 - ports/patches/libxslt/0014-Fix-for-bug-436589.patch
 - ports/patches/libxslt/0015-Fix-mkdir-for-mingw.patch
+- ports/patches/libxslt/0016-Fix-for-type-confusion-in-preprocessing-attributes.patch
 - ports/patches/sort-patches-by-date
 - suppressions/README.txt
 - suppressions/nokogiri_ree-1.8.7.358.supp
@@ -601,7 +609,6 @@ files:
 - test/xslt/test_custom_functions.rb
 - test/xslt/test_exception_handling.rb
 - test_all
-- lib/nokogiri/nokogiri.jar
 homepage: http://nokogiri.org
 licenses:
 - MIT
@@ -624,78 +631,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.1.9
+rubygems_version: 2.4.5
 signing_key:
 specification_version: 4
 summary: Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser
-test_files:
-- test/test_reader.rb
-- test/test_memory_leak.rb
-- test/test_soap4r_sax.rb
-- test/test_nokogiri.rb
-- test/test_xslt_transforms.rb
-- test/test_convert_xpath.rb
-- test/test_encoding_handler.rb
-- test/test_css_cache.rb
-- test/xml/test_processing_instruction.rb
-- test/xml/test_c14n.rb
-- test/xml/test_builder.rb
-- test/xml/test_document_fragment.rb
-- test/xml/test_comment.rb
-- test/xml/test_unparented_node.rb
-- test/xml/test_node_reparenting.rb
-- test/xml/test_syntax_error.rb
-- test/xml/test_cdata.rb
-- test/xml/test_entity_reference.rb
-- test/xml/test_schema.rb
-- test/xml/test_xinclude.rb
-- test/xml/test_document.rb
-- test/xml/test_node_inheritance.rb
-- test/xml/test_text.rb
-- test/xml/test_xpath.rb
-- test/xml/test_element_decl.rb
-- test/xml/test_node_attributes.rb
-- test/xml/test_attribute_decl.rb
-- test/xml/test_node.rb
-- test/xml/test_reader_encoding.rb
-- test/xml/test_parse_options.rb
-- test/xml/test_node_set.rb
-- test/xml/test_dtd.rb
-- test/xml/test_document_encoding.rb
-- test/xml/test_entity_decl.rb
-- test/xml/test_node_encoding.rb
-- test/xml/test_attr.rb
-- test/xml/test_relax_ng.rb
-- test/xml/test_namespace.rb
-- test/xml/test_element_content.rb
-- test/xml/test_dtd_encoding.rb
-- test/xml/sax/test_parser_context.rb
-- test/xml/sax/test_parser.rb
-- test/xml/sax/test_push_parser.rb
-- test/xml/node/test_subclass.rb
-- test/xml/node/test_save_options.rb
-- test/css/test_tokenizer.rb
-- test/css/test_xpath_visitor.rb
-- test/css/test_nthiness.rb
-- test/css/test_parser.rb
-- test/html/test_builder.rb
-- test/html/test_document_fragment.rb
-- test/html/test_element_description.rb
-- test/html/test_document.rb
-- test/html/test_named_characters.rb
-- test/html/test_node.rb
-- test/html/test_document_encoding.rb
-- test/html/test_node_encoding.rb
-- test/html/sax/test_parser_context.rb
-- test/html/sax/test_parser.rb
-- test/html/sax/test_push_parser.rb
-- test/xslt/test_custom_functions.rb
-- test/xslt/test_exception_handling.rb
-- test/decorators/test_slop.rb
-- test/namespaces/test_namespaces_in_cloned_doc.rb
-- test/namespaces/test_additional_namespaces_in_builder_doc.rb
-- test/namespaces/test_namespaces_in_parsed_doc.rb
-- test/namespaces/test_namespaces_aliased_default.rb
-- test/namespaces/test_namespaces_preservation.rb
-- test/namespaces/test_namespaces_in_created_doc.rb
-- test/namespaces/test_namespaces_in_builder_doc.rb
+test_files: []