pages-gem

Upgrade nokogiri to version 1.10.8 or later

Open mrpandey opened this issue 4 years ago • 0 comments

I received an alert on GitHub saying that the current nokogiri version is vulnerable. The suggested remediation is to update nokogiri to version 1.10.8. Currently it is 1.10.4.

CVE-2020-7595 (moderate severity)
Vulnerable versions: < 1.10.8
Patched version: 1.10.8

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. The Nokogiri RubyGem has patched its vendored copy of libxml2 in order to prevent this issue from affecting nokogiri.

mrpandey, Feb 28 '20 19:02
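
A lockfile check for the upgrade requested above, as an added example that is not part of the original issue or of the pages-gem project: it reads the resolved nokogiri entries from a Gemfile.lock and flags any below 1.10.8. The sample lockfile and the `example-parent` gem are constructed for illustration.

```ruby
require "rubygems"

# First nokogiri release with the CVE-2020-7595 fix, per the advisory above.
PATCHED = Gem::Version.new("1.10.8")

# Resolved specs sit at exactly four spaces of indent in Gemfile.lock;
# six-space lines are dependency constraints and are skipped.
# The platform suffix is captured separately: Gem::Version reads a hyphen
# as a prerelease marker, so "1.10.8-x64-mingw32" compared as-is would sort
# below 1.10.8 and be reported as vulnerable by mistake.
SPEC_LINE = /^ {4}nokogiri \((\d[0-9A-Za-z.]*)(?:-([^)]+))?\)\s*$/

# Returns one hash per resolved nokogiri entry in the lockfile text.
def nokogiri_findings(lockfile_text)
  lockfile_text.each_line.map do |line|
    m = SPEC_LINE.match(line.chomp)
    next unless m
    { version: m[1],
      platform: m[2] || "ruby",
      vulnerable: Gem::Version.new(m[1]) < PATCHED }
  end.compact
end

# Constructed sample lockfile (not taken from the pages-gem repository).
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      example-parent (1.0.0)
        nokogiri (>= 1.10.4, < 2.0)
      nokogiri (1.10.4)
      nokogiri (1.10.8-x64-mingw32)
LOCK

if __FILE__ == $PROGRAM_NAME
  # Pass a path to a real Gemfile.lock, or run with no argument for the sample.
  text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_LOCK
  nokogiri_findings(text).each do |f|
    status = f[:vulnerable] ? "VULNERABLE (< #{PATCHED})" : "ok"
    puts "nokogiri #{f[:version]} [#{f[:platform]}]: #{status}"
  end
end
```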