textproc/rubygem-nokogiri: update to 1.13.3
This fixes a regression from:
https://cgit.freebsd.org/ports/commit/?id=ef5f30e4deae
Changelog:
https://nokogiri.org/CHANGELOG.html#notes
1.13.3 / 2022-02-21¶
Fixed¶
[CRuby] Revert a HTML4 parser bug in libxml 2.9.13 (introduced in Nokogiri v1.13.2). The bug causes libxml2's HTML4 parser to fail to recover when encountering a bare < character in some contexts. This version of Nokogiri restores the earlier behavior, which is to recover from the parse error and treat the < as normal character data (which will be serialized as < in a text node). The bug (and the fix) is only relevant when the RECOVER parse option is set, as it is by default. [#2461]
1.13.2 / 2022-02-21¶
Security¶
[CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. This update addresses CVE-2022-23308. [CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. This update addresses CVE-2021-30560.
Please see GHSA-fq42-c5rg-92c2 for more information about these CVEs.
Dependencies¶
[CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. Full changelog is available at https://download.gnome.org/sources/libxml2/2.9/libxml2-2.9.13.news [CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. Full changelog is available at https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.35.news
PR: 262159
Reported by: lysfjord.daniel@smokepit.net