From 356c541fdc7f4cba9e43475b3701f3c408c1b299 Mon Sep 17 00:00:00 2001
From: "kirby@puppetlabs.com" <mk.kirby@gmail.com>
Date: Thu, 19 Apr 2018 15:30:45 -0700
Subject: [PATCH] (POOLER-101) Update nokogiri and net-ldap

This commit updates nokogiri and net-ldap to versions that have fixed known vulnerabilities. Without this change vmpooler requires versions of each gem that contain known vulnerabilities.
---
 Gemfile | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/Gemfile b/Gemfile
index 2c47177..e7fe5ff 100644
--- a/Gemfile
+++ b/Gemfile
@@ -8,24 +8,21 @@ gem 'rack', '~> 1.6'
 gem 'rake', '>= 10.4'
 gem 'rbvmomi', '>= 1.8'
 gem 'sinatra', '>= 1.4'
-gem 'net-ldap', '<= 0.12.1' # keep compatibility w/ jruby & mri-1.9.3
+gem 'net-ldap', '>= 0.16.1'
 gem 'statsd-ruby', '>= 1.3.0', :require => 'statsd'
 gem 'connection_pool', '>= 2.2.1'
+gem 'nokogiri', '>= 1.8.2'
 
 # Pin gems against Ruby version
 # Note we can't use platform restrictions easily so use
 # lowest version range any platform
 # ----
-# nokogiri
 # redis
 if RUBY_VERSION =~ /^2\.[1]/
-  gem 'nokogiri', '~> 1.7.0'
   gem 'redis', '~> 3.0'
 elsif RUBY_VERSION =~ /^2\.2\.[01]/
-  gem 'nokogiri', "~> 1.7"
   gem 'redis', '~> 3.0'
 else
-  gem 'nokogiri', "~> 1.7"
   gem 'redis', '>= 3.2'
 end