ruby-nokogiri (1.6.7.2-3ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Command injection vulnerability. - debian/patches/CVE-2019-5477.patch: prefer File.open to Kernel.open. - CVE-2019-5477 -- Eduardo Barretto <email address hidden> Mon, 04 Nov 2019 11:28:45 -0300