From 944e3181dfa6c1dabf30d78eb5c315c23b4b5d04 Mon Sep 17 00:00:00 2001
From: Jason Frey <fryguy9@gmail.com>
Date: Thu, 29 Aug 2024 11:01:01 -0400
Subject: [PATCH] Bump rexml to 3.3.6 for CVE-2024-43398

---
 manageiq-gems-pending.gemspec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manageiq-gems-pending.gemspec b/manageiq-gems-pending.gemspec
index 2abe58b5..556578c4 100644
--- a/manageiq-gems-pending.gemspec
+++ b/manageiq-gems-pending.gemspec
@@ -28,7 +28,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency "more_core_extensions",    "~> 4.4"
   s.add_runtime_dependency "net-ftp",                 "~> 0.1.2"
   s.add_runtime_dependency "nokogiri",                "~> 1.14", ">= 1.14.3"
-  s.add_runtime_dependency "rexml",                   ">= 3.3.4"
+  s.add_runtime_dependency "rexml",                   ">= 3.3.6"
   s.add_runtime_dependency "sys-proctable",           "~> 1.2.5"
   s.add_runtime_dependency "sys-uname",               "~> 1.2.1"
   s.add_runtime_dependency "win32ole",                "~> 1.8.8" # this gem was extracted in ruby 3 - required if we use wmi on windows