release planning: v1.17.0
flavorjones opened this issue · comments
Mike Dalessio commented
- See milestone https://github.com/sparklemotion/nokogiri/milestone/31
- punchlist
- acknowledge sponsors
- existing recurring sponsors
- new sponsors:
- @velocity-labs via https://opencollective.com/velocity-labs
- @captn3m0 via https://opencollective.com/nemo
- @fnando
- @mrhenry
- @kwbauson
- @niccokunzmann
- @nandangpk
- @zokioki
- @orien
- anonymous/private donor
- acknowledge sponsors
skurni commented
Hi @flavorjones / team, zlib has released version 1.3.1 which contains a fix for CVE-2023-45853. See madler/zlib#868. Is it possible to update the same in nokogiri? I see that it is pointing to 1.3 in dependencies.yml.
Mike Dalessio commented
@skurni Thanks for asking. Can you please open a new issue for this? If it's a security issue then we shouldn't wait for the next minor. But I also don't know much about this issue or the release, so I'm not sure if it's a security issue. So let's have that conversation in a new issue, thanks!
skurni commented
Thanks @flavorjones, I've opened an issue here: #3172