From fa1cb609f62bc6a578046eddb41b5165bb884302 Mon Sep 17 00:00:00 2001
From: Marcelo Juchem
Date: Mon, 23 Apr 2018 15:49:43 -0700
Subject: [PATCH 1/2] Upgrading `nokogiri` gem due to security vulnerability

Note that this upgrade changes minimum required ruby version from 1.9.3-p551 to 2.1.8.

```
$ bundle audit check
Name: nokogiri
Version: 1.6.8.1
Advisory: CVE-2016-4658
Criticality: Unknown
URL: https://github.com/sparklemotion/nokogiri/issues/1615
Title: Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
Solution: upgrade to >= 1.7.1

Name: nokogiri
Version: 1.6.8.1
Advisory: CVE-2017-5029
Criticality: Unknown
URL: https://github.com/sparklemotion/nokogiri/issues/1634
Title: Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29
Solution: upgrade to >= 1.7.2

Name: nokogiri
Version: 1.6.8.1
Advisory: CVE-2016-4658
Criticality: Unknown
URL: https://github.com/sparklemotion/nokogiri/issues/1615
Title: Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
Solution: upgrade to >= 1.7.1

Name: nokogiri
Version: 1.6.8.1
Advisory: CVE-2017-5029
Criticality: Unknown
URL: https://github.com/sparklemotion/nokogiri/issues/1634
Title: Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29
Solution: upgrade to >= 1.7.2

Vulnerabilities found!
```
---
 Gemfile.lock | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 351c8b8c..d5dbd37d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -23,7 +23,7 @@ GEM
 aws-sdk-v1 (= 1.67.0)
 aws-sdk-v1 (1.67.0)
 json (~> 1.4)
- nokogiri (~> 1)
+ nokogiri (>= 1.7.2)
 coderay (1.1.0)
 crack (0.4.3)
 safe_yaml (~> 1.0.0)
@@ -46,12 +46,12 @@ GEM
 little-plugger (>= 1.1.3)
 multi_json (>= 1.8.4)
 method_source (0.8.2)
- mini_portile2 (2.1.0)
+ mini_portile2 (2.3.0)
 minitest (5.9.0)
 multi_json (1.13.1)
- nokogiri (1.6.8.1)
- mini_portile2 (~> 2.1.0)
- nokogiri (1.6.8.1-java)
+ nokogiri (1.8.2)
+ mini_portile2 (~> 2.3.0)
+ nokogiri (1.8.2-java)
 pry (0.10.3)
 coderay (~> 1.1.0)
 method_source (~> 0.8.1)

From 7ba53882b4c77c26e0906c91275b451fc05d90f4 Mon Sep 17 00:00:00 2001
From: Marcelo Juchem
Date: Mon, 23 Apr 2018 16:41:31 -0700
Subject: [PATCH 2/2] removing CI for versions that are not supported anymore

---
 .travis.yml | 2 --
 1 file changed, 2 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index a5b90bac..1f2e99a0 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -2,8 +2,6 @@ language: ruby
 cache: bundler
 sudo: false
 rvm:
- - 1.9.3-p551
- - 2.0.0-p648
 - 2.1.10
 - 2.2.5
 - 2.3.1