From 3596dc3124414988ba3dca4e223d39431e83a6af Mon Sep 17 00:00:00 2001
From: Ben Abrams <me@benabrams.it>
Date: Mon, 26 Mar 2018 14:09:44 -0700
Subject: [PATCH] [CVE-2017-17042] update vulnerable `yard` dependency

Signed-off-by: Ben Abrams <me@benabrams.it>
---
 CHANGELOG.md               | 3 +++
 sensu-plugins-chef.gemspec | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 36d8a01..d056f91 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,9 @@ This CHANGELOG follows the format listed [here](https://github.com/sensu-plugins
 
 ## [Unreleased]
 
+### Security
+- updated yard dependency to `~> 0.9.11` per: https://nvd.nist.gov/vuln/detail/CVE-2017-17042 (@majormoses)
+
 ## [5.0.0] - 2018-01-31
 ### Security
 - updated `rubocop` dependency to `~> 0.51.0` per: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8418. (@geewiz)
diff --git a/sensu-plugins-chef.gemspec b/sensu-plugins-chef.gemspec
index 4537c23..e1c5c08 100644
--- a/sensu-plugins-chef.gemspec
+++ b/sensu-plugins-chef.gemspec
@@ -57,5 +57,5 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'redcarpet',                 '~> 3.2'
   s.add_development_dependency 'rspec',                     '~> 3.4'
   s.add_development_dependency 'rubocop',                   '~> 0.51.0'
-  s.add_development_dependency 'yard',                      '~> 0.8'
+  s.add_development_dependency 'yard',                      '~> 0.9.11'
 end