Important: rubygem-nokogiri, rubygem18-nokogiri

Issue Overview:

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri < v1.13.4 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri >= 1.13.4. There are no known workarounds for this issue. (CVE-2022-24836)

Affected Packages:

rubygem-nokogiri, rubygem18-nokogiri

Issue Correction:
Run yum update rubygem-nokogiri to update your system.
Run yum update rubygem18-nokogiri to update your system.

New Packages:

i686:  
    rubygem21-nokogiri-doc-1.6.1-1.22.amzn1.i686  
    rubygem22-nokogiri-1.6.1-1.22.amzn1.i686  
    rubygem-nokogiri-debuginfo-1.6.1-1.22.amzn1.i686  
    rubygem20-nokogiri-1.6.1-1.22.amzn1.i686  
    rubygem21-nokogiri-1.6.1-1.22.amzn1.i686  
    rubygem22-nokogiri-doc-1.6.1-1.22.amzn1.i686  
    rubygem20-nokogiri-doc-1.6.1-1.22.amzn1.i686  
    rubygem18-nokogiri-1.5.11-1.16.amzn1.i686  
    rubygem18-nokogiri-debuginfo-1.5.11-1.16.amzn1.i686  
    rubygem18-nokogiri-doc-1.5.11-1.16.amzn1.i686  
  
src:  
    rubygem-nokogiri-1.6.1-1.22.amzn1.src  
    rubygem18-nokogiri-1.5.11-1.16.amzn1.src  
  
x86_64:  
    rubygem20-nokogiri-doc-1.6.1-1.22.amzn1.x86_64  
    rubygem22-nokogiri-doc-1.6.1-1.22.amzn1.x86_64  
    rubygem21-nokogiri-1.6.1-1.22.amzn1.x86_64  
    rubygem-nokogiri-debuginfo-1.6.1-1.22.amzn1.x86_64  
    rubygem20-nokogiri-1.6.1-1.22.amzn1.x86_64  
    rubygem21-nokogiri-doc-1.6.1-1.22.amzn1.x86_64  
    rubygem22-nokogiri-1.6.1-1.22.amzn1.x86_64  
    rubygem18-nokogiri-doc-1.5.11-1.16.amzn1.x86_64  
    rubygem18-nokogiri-1.5.11-1.16.amzn1.x86_64  
    rubygem18-nokogiri-debuginfo-1.5.11-1.16.amzn1.x86_64  

Additional References

Red Hat: CVE-2022-24836

Mitre: CVE-2022-24836