RubyGems - nokogiri - Versions diffs - 1.6.6.2-java → 1.6.6.3-java - Mend

nokogiri 1.6.6.2-java → 1.6.6.3-java

Potentially problematic release.

This version of nokogiri might be problematic. Click here for more details.

Files changed (15) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6f9efa7d47083304b1b3d5e4db4709e9d2802866
-  data.tar.gz: 1c1281fa6f08dd915e41be8630ccc3e3819106a9
+  metadata.gz: ae89053e5784e4c1a057862f583ac6648ab9bc0c
+  data.tar.gz: 61ebd1a5ab0fa50d67db56b521586a75b2b804eb
 SHA512:
-  metadata.gz: 5e2143b7ff366e81359b93e7442ba4dcfe05ba55f231e4ef49669c3cd1c1043c5f3b9a7370f32954e8eb3d97b294bd3db08142e1673a727889bb637f18884060
-  data.tar.gz: 3c465e045b82a508c342657552c7c9f8af61fd8bf4a881754de38cb454d7537e1800ec0881e2dcb5a1b5c123bcf7ae5f18e67d79c9cc35a1861b6bc60203c664
+  metadata.gz: e697f04c52deb9d99c8e7db453fb897ecf3c3dd90dfeb50b9d6545345cbe03b9471ae5df72faa95dc0ec0314fe803a5b9219ad0d8088ed061309c2cef1a20176
+  data.tar.gz: d3bfbdc091286f7e4f9dcadd2b79ebe13fe71aa23af6efa56909bb4d2bf5c50f573cd319ccf72f6c7460f59a4ed3df8f211e9f347e89de81446738734c27a53f

data/CHANGELOG.ja.rdoc CHANGED

@@ -1,3 +1,18 @@
+=== 1.6.6.3 / 2015-11-16
+This version pulls in several upstream patches to the vendored libxml2 and libxslt to address:
+* CVE-2015-1819
+* CVE-2015-7941_1
+* CVE-2015-7941_2
+* CVE-2015-7942
+* CVE-2015-7942-2
+* CVE-2015-8035
+* CVE-2015-7995
+See #1374 for details.
 === 1.6.6.2 / 2015年01月23日
 ==== Bug fixes

data/CHANGELOG.rdoc CHANGED

@@ -1,3 +1,18 @@
+=== 1.6.6.3 / 2015-11-16
+This version pulls in several upstream patches to the vendored libxml2 and libxslt to address:
+* CVE-2015-1819
+* CVE-2015-7941_1
+* CVE-2015-7941_2
+* CVE-2015-7942
+* CVE-2015-7942-2
+* CVE-2015-8035
+* CVE-2015-7995
+See #1374 for details.
 === 1.6.6.2 / 2015-01-23
 ==== Bug fixes

data/Manifest.txt CHANGED

@@ -244,6 +244,12 @@ lib/xercesImpl.jar
 lib/xsd/xmlparser/nokogiri.rb
 ports/patches/libxml2/0001-Revert-Missing-initialization-for-the-catalog-module.patch
 ports/patches/libxml2/0002-Fix-missing-entities-after-CVE-2014-3660-fix.patch
+ports/patches/libxml2/0003-Stop-parsing-on-entities-boundaries-errors.patch
+ports/patches/libxml2/0004-Cleanup-conditional-section-error-handling.patch
+ports/patches/libxml2/0005-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
+ports/patches/libxml2/0006-Another-variation-of-overflow-in-Conditional-section.patch
+ports/patches/libxml2/0007-Fix-an-error-in-previous-Conditional-section-patch.patch
+ports/patches/libxml2/0008-CVE-2015-8035-Fix-XZ-compression-support-loop.patch
 ports/patches/libxslt/0001-Adding-doc-update-related-to-1.1.28.patch
 ports/patches/libxslt/0002-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch
 ports/patches/libxslt/0003-Initialize-pseudo-random-number-generator-with-curre.patch
@@ -256,6 +262,7 @@ ports/patches/libxslt/0010-Fix-handling-of-UTF-8-strings-in-EXSLT-crypto-module.
 ports/patches/libxslt/0013-Memory-leak-in-xsltCompileIdKeyPattern-error-path.patch
 ports/patches/libxslt/0014-Fix-for-bug-436589.patch
 ports/patches/libxslt/0015-Fix-mkdir-for-mingw.patch
+ports/patches/libxslt/0016-Fix-for-type-confusion-in-preprocessing-attributes.patch
 ports/patches/sort-patches-by-date
 suppressions/README.txt
 suppressions/nokogiri_ree-1.8.7.358.supp

data/lib/nokogiri/nokogiri.jar CHANGED

Binary file

data/lib/nokogiri/version.rb CHANGED

@@ -1,6 +1,6 @@
 module Nokogiri
   # The version of Nokogiri you are using
-  VERSION = '1.6.6.2'
+  VERSION = '1.6.6.3'
   class VersionInfo # :nodoc:
     def jruby?

data/ports/patches/libxml2/0003-Stop-parsing-on-entities-boundaries-errors.patch ADDED

@@ -0,0 +1,32 @@
+From 99d99063ae5c4b6bd2b58324273401f3ce42a550 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Mon, 23 Feb 2015 11:17:35 +0800
+Subject: [PATCH 3/8] Stop parsing on entities boundaries errors
+For https://bugzilla.gnome.org/show_bug.cgi?id=744980
+There are times, like on unterminated entities that it's preferable to
+stop parsing, even if that means less error reporting. Entities are
+feeding the parser on further processing, and if they are ill defined
+then it's possible to get the parser to bug. Also do the same on
+Conditional Sections if the input is broken, as the structure of
+the document can't be guessed.
+---
+ parser.c | 1 +
+ 1 file changed, 1 insertion(+)
+diff --git a/parser.c b/parser.c
+index 1d93967..7b0380c 100644
+--- a/parser.c
++++ b/parser.c
+@@ -5658,6 +5658,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt) {
+ 	if (RAW != '>') {
+ 	    xmlFatalErrMsgStr(ctxt, XML_ERR_ENTITY_NOT_FINISHED,
+ 	            "xmlParseEntityDecl: entity %s not terminated\n", name);
++	    xmlStopParser(ctxt);
+ 	} else {
+ 	    if (input != ctxt->input) {
+ 		xmlFatalErrMsg(ctxt, XML_ERR_ENTITY_BOUNDARY,
+--
+2.5.0

data/ports/patches/libxml2/0004-Cleanup-conditional-section-error-handling.patch ADDED

@@ -0,0 +1,49 @@
+From c8d3950c5532c2e3d954bacdb8c479bb9fdacf89 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Mon, 23 Feb 2015 11:29:20 +0800
+Subject: [PATCH 4/8] Cleanup conditional section error handling
+For https://bugzilla.gnome.org/show_bug.cgi?id=744980
+The error handling of Conditional Section also need to be
+straightened as the structure of the document can't be
+guessed on a failure there and it's better to stop parsing
+as further errors are likely to be irrelevant.
+---
+ parser.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+diff --git a/parser.c b/parser.c
+index 7b0380c..1e714e7 100644
+--- a/parser.c
++++ b/parser.c
+@@ -6770,6 +6770,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
+ 	SKIP_BLANKS;
+ 	if (RAW != '[') {
+ 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
++	    xmlStopParser(ctxt);
++	    return;
+ 	} else {
+ 	    if (ctxt->input->id != id) {
+ 		xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY,
+@@ -6830,6 +6832,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
+ 	SKIP_BLANKS;
+ 	if (RAW != '[') {
+ 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
++	    xmlStopParser(ctxt);
++	    return;
+ 	} else {
+ 	    if (ctxt->input->id != id) {
+ 		xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY,
+@@ -6885,6 +6889,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
+     } else {
+ 	xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID_KEYWORD, NULL);
++	xmlStopParser(ctxt);
++	return;
+     }
+     if (RAW == 0)
+--
+2.5.0

data/ports/patches/libxml2/0005-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch ADDED

@@ -0,0 +1,177 @@
+From 12f31177b0d9be57ed8fb3467b501606fb145286 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Tue, 14 Apr 2015 17:41:48 +0800
+Subject: [PATCH 5/8] CVE-2015-1819 Enforce the reader to run in constant
+ memory
+One of the operation on the reader could resolve entities
+leading to the classic expansion issue. Make sure the
+buffer used for xmlreader operation is bounded.
+Introduce a new allocation type for the buffers for this effect.
+---
+ buf.c                 | 43 ++++++++++++++++++++++++++++++++++++++++++-
+ include/libxml/tree.h |  3 ++-
+ xmlreader.c           | 20 +++++++++++++++++++-
+ 3 files changed, 63 insertions(+), 3 deletions(-)
+diff --git a/buf.c b/buf.c
+index 6efc7b6..07922ff 100644
+--- a/buf.c
++++ b/buf.c
+@@ -27,6 +27,7 @@
+ #include <libxml/tree.h>
+ #include <libxml/globals.h>
+ #include <libxml/tree.h>
++#include <libxml/parserInternals.h> /* for XML_MAX_TEXT_LENGTH */
+ #include "buf.h"
+ #define WITH_BUFFER_COMPAT
+@@ -299,7 +300,8 @@ xmlBufSetAllocationScheme(xmlBufPtr buf,
+     if ((scheme == XML_BUFFER_ALLOC_DOUBLEIT) ||
+         (scheme == XML_BUFFER_ALLOC_EXACT) ||
+         (scheme == XML_BUFFER_ALLOC_HYBRID) ||
+-        (scheme == XML_BUFFER_ALLOC_IMMUTABLE)) {
++        (scheme == XML_BUFFER_ALLOC_IMMUTABLE) ||
++	(scheme == XML_BUFFER_ALLOC_BOUNDED)) {
+ 	buf->alloc = scheme;
+         if (buf->buffer)
+             buf->buffer->alloc = scheme;
+@@ -458,6 +460,18 @@ xmlBufGrowInternal(xmlBufPtr buf, size_t len) {
+     size = buf->use + len + 100;
+ #endif
++    if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++        /*
++	 * Used to provide parsing limits
++	 */
++        if ((buf->use + len >= XML_MAX_TEXT_LENGTH) ||
++	    (buf->size >= XML_MAX_TEXT_LENGTH)) {
++	    xmlBufMemoryError(buf, "buffer error: text too long\n");
++	    return(0);
++	}
++	if (size >= XML_MAX_TEXT_LENGTH)
++	    size = XML_MAX_TEXT_LENGTH;
++    }
+     if ((buf->alloc == XML_BUFFER_ALLOC_IO) && (buf->contentIO != NULL)) {
+         size_t start_buf = buf->content - buf->contentIO;
+@@ -739,6 +753,15 @@ xmlBufResize(xmlBufPtr buf, size_t size)
+     CHECK_COMPAT(buf)
+     if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return(0);
++    if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++        /*
++	 * Used to provide parsing limits
++	 */
++        if (size >= XML_MAX_TEXT_LENGTH) {
++	    xmlBufMemoryError(buf, "buffer error: text too long\n");
++	    return(0);
++	}
++    }
+     /* Don't resize if we don't have to */
+     if (size < buf->size)
+@@ -867,6 +890,15 @@ xmlBufAdd(xmlBufPtr buf, const xmlChar *str, int len) {
+     needSize = buf->use + len + 2;
+     if (needSize > buf->size){
++	if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++	    /*
++	     * Used to provide parsing limits
++	     */
++	    if (needSize >= XML_MAX_TEXT_LENGTH) {
++		xmlBufMemoryError(buf, "buffer error: text too long\n");
++		return(-1);
++	    }
++	}
+         if (!xmlBufResize(buf, needSize)){
+ 	    xmlBufMemoryError(buf, "growing buffer");
+             return XML_ERR_NO_MEMORY;
+@@ -938,6 +970,15 @@ xmlBufAddHead(xmlBufPtr buf, const xmlChar *str, int len) {
+     }
+     needSize = buf->use + len + 2;
+     if (needSize > buf->size){
++	if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++	    /*
++	     * Used to provide parsing limits
++	     */
++	    if (needSize >= XML_MAX_TEXT_LENGTH) {
++		xmlBufMemoryError(buf, "buffer error: text too long\n");
++		return(-1);
++	    }
++	}
+         if (!xmlBufResize(buf, needSize)){
+ 	    xmlBufMemoryError(buf, "growing buffer");
+             return XML_ERR_NO_MEMORY;
+diff --git a/include/libxml/tree.h b/include/libxml/tree.h
+index 2f90717..4a9b3bc 100644
+--- a/include/libxml/tree.h
++++ b/include/libxml/tree.h
+@@ -76,7 +76,8 @@ typedef enum {
+     XML_BUFFER_ALLOC_EXACT,	/* grow only to the minimal size */
+     XML_BUFFER_ALLOC_IMMUTABLE, /* immutable buffer */
+     XML_BUFFER_ALLOC_IO,	/* special allocation scheme used for I/O */
+-    XML_BUFFER_ALLOC_HYBRID	/* exact up to a threshold, and doubleit thereafter */
++    XML_BUFFER_ALLOC_HYBRID,	/* exact up to a threshold, and doubleit thereafter */
++    XML_BUFFER_ALLOC_BOUNDED	/* limit the upper size of the buffer */
+ } xmlBufferAllocationScheme;
+ /**
+diff --git a/xmlreader.c b/xmlreader.c
+index f19e123..471e7e2 100644
+--- a/xmlreader.c
++++ b/xmlreader.c
+@@ -2091,6 +2091,9 @@ xmlNewTextReader(xmlParserInputBufferPtr input, const char *URI) {
+ 		"xmlNewTextReader : malloc failed\n");
+ 	return(NULL);
+     }
++    /* no operation on a reader should require a huge buffer */
++    xmlBufSetAllocationScheme(ret->buffer,
++			      XML_BUFFER_ALLOC_BOUNDED);
+     ret->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler));
+     if (ret->sax == NULL) {
+ 	xmlBufFree(ret->buffer);
+@@ -3616,6 +3619,7 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) {
+ 	    return(((xmlNsPtr) node)->href);
+         case XML_ATTRIBUTE_NODE:{
+ 	    xmlAttrPtr attr = (xmlAttrPtr) node;
++	    const xmlChar *ret;
+ 	    if ((attr->children != NULL) &&
+ 	        (attr->children->type == XML_TEXT_NODE) &&
+@@ -3629,10 +3633,21 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) {
+                                         "xmlTextReaderSetup : malloc failed\n");
+                         return (NULL);
+                     }
++		    xmlBufSetAllocationScheme(reader->buffer,
++		                              XML_BUFFER_ALLOC_BOUNDED);
+                 } else
+                     xmlBufEmpty(reader->buffer);
+ 	        xmlBufGetNodeContent(reader->buffer, node);
+-		return(xmlBufContent(reader->buffer));
++		ret = xmlBufContent(reader->buffer);
++		if (ret == NULL) {
++		    /* error on the buffer best to reallocate */
++		    xmlBufFree(reader->buffer);
++		    reader->buffer = xmlBufCreateSize(100);
++		    xmlBufSetAllocationScheme(reader->buffer,
++		                              XML_BUFFER_ALLOC_BOUNDED);
++		    ret = BAD_CAST "";
++		}
++		return(ret);
+ 	    }
+ 	    break;
+ 	}
+@@ -5131,6 +5146,9 @@ xmlTextReaderSetup(xmlTextReaderPtr reader,
+                         "xmlTextReaderSetup : malloc failed\n");
+         return (-1);
+     }
++    /* no operation on a reader should require a huge buffer */
++    xmlBufSetAllocationScheme(reader->buffer,
++			      XML_BUFFER_ALLOC_BOUNDED);
+     if (reader->sax == NULL)
+ 	reader->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler));
+     if (reader->sax == NULL) {
+--
+2.5.0

data/ports/patches/libxml2/0006-Another-variation-of-overflow-in-Conditional-section.patch ADDED

@@ -0,0 +1,32 @@
+From 9ee30e69f63379b3caf451aa7ae4058a1fa2fa73 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Fri, 23 Oct 2015 19:02:28 +0800
+Subject: [PATCH 6/8] Another variation of overflow in Conditional sections
+Which happen after the previous fix to
+https://bugzilla.gnome.org/show_bug.cgi?id=756456
+But stopping the parser and exiting we didn't pop the intermediary entities
+and doing the SKIP there applies on an input which may be too small
+---
+ parser.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+diff --git a/parser.c b/parser.c
+index 1e714e7..0b8d633 100644
+--- a/parser.c
++++ b/parser.c
+@@ -6904,7 +6904,9 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
+ 	"All markup of the conditional section is not in the same entity\n",
+ 				 NULL, NULL);
+ 	}
+-        SKIP(3);
++	if ((ctxt-> instate != XML_PARSER_EOF) &&
++	    ((ctxt->input->cur + 3) < ctxt->input->end))
++	    SKIP(3);
+     }
+ }
+--
+2.5.0

data/ports/patches/libxml2/0007-Fix-an-error-in-previous-Conditional-section-patch.patch ADDED

@@ -0,0 +1,28 @@
+From 587f0e0133f51f3e09d1166cc0f6b24b50ddb357 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Tue, 27 Oct 2015 10:53:44 +0800
+Subject: [PATCH 7/8] Fix an error in previous Conditional section patch
+an off by one mistake in the change, led to error on correct
+document where the end of the included entity was exactly
+the end of the conditional section, leading to regtest failure
+---
+ parser.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/parser.c b/parser.c
+index 0b8d633..0650d2a 100644
+--- a/parser.c
++++ b/parser.c
+@@ -6905,7 +6905,7 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
+ 				 NULL, NULL);
+ 	}
+ 	if ((ctxt-> instate != XML_PARSER_EOF) &&
+-	    ((ctxt->input->cur + 3) < ctxt->input->end))
++	    ((ctxt->input->cur + 3) <= ctxt->input->end))
+ 	    SKIP(3);
+     }
+ }
+--
+2.5.0

data/ports/patches/libxml2/0008-CVE-2015-8035-Fix-XZ-compression-support-loop.patch ADDED

@@ -0,0 +1,31 @@
+From 8f905eeb2aa553ee50194ed38db7186653ec6e1c Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Tue, 3 Nov 2015 15:31:25 +0800
+Subject: [PATCH 8/8] CVE-2015-8035 Fix XZ compression support loop
+For https://bugzilla.gnome.org/show_bug.cgi?id=757466
+DoS when parsing specially crafted XML document if XZ support
+is compiled in (which wasn't the case for 2.9.2 and master since
+Nov 2013, fixed in next commit !)
+---
+ xzlib.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+diff --git a/xzlib.c b/xzlib.c
+index 0dcb9f4..1fab546 100644
+--- a/xzlib.c
++++ b/xzlib.c
+@@ -581,6 +581,10 @@ xz_decomp(xz_statep state)
+             xz_error(state, LZMA_DATA_ERROR, "compressed data error");
+             return -1;
+         }
++        if (ret == LZMA_PROG_ERROR) {
++            xz_error(state, LZMA_PROG_ERROR, "compression error");
++            return -1;
++        }
+     } while (strm->avail_out && ret != LZMA_STREAM_END);
+     /* update available output and crc check value */
+--
+2.5.0

data/ports/patches/libxslt/0016-Fix-for-type-confusion-in-preprocessing-attributes.patch ADDED

@@ -0,0 +1,29 @@
+From 5865b9545891a38608374ff6458663e483a0dfb5 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Thu, 29 Oct 2015 19:33:23 +0800
+Subject: [PATCH] Fix for type confusion in preprocessing attributes
+CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10
+We need to check that the parent node is an element before dereferencing
+its namespace
+---
+ libxslt/preproc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+diff --git a/libxslt/preproc.c b/libxslt/preproc.c
+index 4ef3f63..dac6acb 100644
+--- a/libxslt/preproc.c
++++ b/libxslt/preproc.c
+@@ -2245,7 +2245,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) {
+ 	} else if (IS_XSLT_NAME(inst, "attribute")) {
+ 	    xmlNodePtr parent = inst->parent;
+-	    if ((parent == NULL) || (parent->ns == NULL) ||
++	    if ((parent == NULL) ||
++	        (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) ||
+ 		((parent->ns != inst->ns) &&
+ 		 (!xmlStrEqual(parent->ns->href, inst->ns->href))) ||
+ 		(!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) {
+--
+2.5.0

data/test_all CHANGED

@@ -14,11 +14,11 @@
 RUBIES="\
   ruby-2.2 \
   ruby-2.1 \
-  ruby-2.0.0-p598 \
+  ruby-2.0.0-p647 \
   ruby-1.9.3-p551 \
   ruby-1.9.2-p330 \
-  jruby-9.0.0.0.pre1 \
-  jruby-1.7.18
+  jruby-9.0.4.0 \
+  jruby-1.7.19
   "
 TEST_LOG=test.log

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nokogiri
 version: !ruby/object:Gem::Version
-  version: 1.6.6.2
+  version: 1.6.6.3
 platform: java
 authors:
 - Aaron Patterson
@@ -12,7 +12,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-01-23 00:00:00.000000000 Z
+date: 2015-11-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rdoc
@@ -160,12 +160,12 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '3.13'
+        version: '3.14'
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '3.13'
+        version: '3.14'
   prerelease: false
   type: :development
 description: |-
@@ -431,6 +431,7 @@ files:
 - lib/nokogiri/html/sax/parser.rb
 - lib/nokogiri/html/sax/parser_context.rb
 - lib/nokogiri/html/sax/push_parser.rb
+- lib/nokogiri/nokogiri.jar
 - lib/nokogiri/syntax_error.rb
 - lib/nokogiri/version.rb
 - lib/nokogiri/xml.rb
@@ -475,6 +476,12 @@ files:
 - lib/xsd/xmlparser/nokogiri.rb
 - ports/patches/libxml2/0001-Revert-Missing-initialization-for-the-catalog-module.patch
 - ports/patches/libxml2/0002-Fix-missing-entities-after-CVE-2014-3660-fix.patch
+- ports/patches/libxml2/0003-Stop-parsing-on-entities-boundaries-errors.patch
+- ports/patches/libxml2/0004-Cleanup-conditional-section-error-handling.patch
+- ports/patches/libxml2/0005-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
+- ports/patches/libxml2/0006-Another-variation-of-overflow-in-Conditional-section.patch
+- ports/patches/libxml2/0007-Fix-an-error-in-previous-Conditional-section-patch.patch
+- ports/patches/libxml2/0008-CVE-2015-8035-Fix-XZ-compression-support-loop.patch
 - ports/patches/libxslt/0001-Adding-doc-update-related-to-1.1.28.patch
 - ports/patches/libxslt/0002-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch
 - ports/patches/libxslt/0003-Initialize-pseudo-random-number-generator-with-curre.patch
@@ -487,6 +494,7 @@ files:
 - ports/patches/libxslt/0013-Memory-leak-in-xsltCompileIdKeyPattern-error-path.patch
 - ports/patches/libxslt/0014-Fix-for-bug-436589.patch
 - ports/patches/libxslt/0015-Fix-mkdir-for-mingw.patch
+- ports/patches/libxslt/0016-Fix-for-type-confusion-in-preprocessing-attributes.patch
 - ports/patches/sort-patches-by-date
 - suppressions/README.txt
 - suppressions/nokogiri_ree-1.8.7.358.supp
@@ -601,7 +609,6 @@ files:
 - test/xslt/test_custom_functions.rb
 - test/xslt/test_exception_handling.rb
 - test_all
-- lib/nokogiri/nokogiri.jar
 homepage: http://nokogiri.org
 licenses:
 - MIT
@@ -624,78 +631,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.1.9
+rubygems_version: 2.4.5
 signing_key:
 specification_version: 4
 summary: Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser
-test_files:
-- test/test_reader.rb
-- test/test_memory_leak.rb
-- test/test_soap4r_sax.rb
-- test/test_nokogiri.rb
-- test/test_xslt_transforms.rb
-- test/test_convert_xpath.rb
-- test/test_encoding_handler.rb
-- test/test_css_cache.rb
-- test/xml/test_processing_instruction.rb
-- test/xml/test_c14n.rb
-- test/xml/test_builder.rb
-- test/xml/test_document_fragment.rb
-- test/xml/test_comment.rb
-- test/xml/test_unparented_node.rb
-- test/xml/test_node_reparenting.rb
-- test/xml/test_syntax_error.rb
-- test/xml/test_cdata.rb
-- test/xml/test_entity_reference.rb
-- test/xml/test_schema.rb
-- test/xml/test_xinclude.rb
-- test/xml/test_document.rb
-- test/xml/test_node_inheritance.rb
-- test/xml/test_text.rb
-- test/xml/test_xpath.rb
-- test/xml/test_element_decl.rb
-- test/xml/test_node_attributes.rb
-- test/xml/test_attribute_decl.rb
-- test/xml/test_node.rb
-- test/xml/test_reader_encoding.rb
-- test/xml/test_parse_options.rb
-- test/xml/test_node_set.rb
-- test/xml/test_dtd.rb
-- test/xml/test_document_encoding.rb
-- test/xml/test_entity_decl.rb
-- test/xml/test_node_encoding.rb
-- test/xml/test_attr.rb
-- test/xml/test_relax_ng.rb
-- test/xml/test_namespace.rb
-- test/xml/test_element_content.rb
-- test/xml/test_dtd_encoding.rb
-- test/xml/sax/test_parser_context.rb
-- test/xml/sax/test_parser.rb
-- test/xml/sax/test_push_parser.rb
-- test/xml/node/test_subclass.rb
-- test/xml/node/test_save_options.rb
-- test/css/test_tokenizer.rb
-- test/css/test_xpath_visitor.rb
-- test/css/test_nthiness.rb
-- test/css/test_parser.rb
-- test/html/test_builder.rb
-- test/html/test_document_fragment.rb
-- test/html/test_element_description.rb
-- test/html/test_document.rb
-- test/html/test_named_characters.rb
-- test/html/test_node.rb
-- test/html/test_document_encoding.rb
-- test/html/test_node_encoding.rb
-- test/html/sax/test_parser_context.rb
-- test/html/sax/test_parser.rb
-- test/html/sax/test_push_parser.rb
-- test/xslt/test_custom_functions.rb
-- test/xslt/test_exception_handling.rb
-- test/decorators/test_slop.rb
-- test/namespaces/test_namespaces_in_cloned_doc.rb
-- test/namespaces/test_additional_namespaces_in_builder_doc.rb
-- test/namespaces/test_namespaces_in_parsed_doc.rb
-- test/namespaces/test_namespaces_aliased_default.rb
-- test/namespaces/test_namespaces_preservation.rb
-- test/namespaces/test_namespaces_in_created_doc.rb
-- test/namespaces/test_namespaces_in_builder_doc.rb
+test_files: []