Log Message:
ruby-nokogiri: update to 1.13.9.

Upstream changes:
 https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.9

1.13.9 / 2022-10-18

Security

  * [CRuby] Vendored libxml2 is updated to address CVE-2022-2309,
    CVE-2022-40304, and CVE-2022-40303. See GHSA-2qc6-mcvw-92cw for more
    information.
  * [CRuby] Vendored zlib is updated to address CVE-2022-37434.
    Nokogiri was not affected by this vulnerability, but this version
    of zlib was being flagged up by some vulnerability scanners,
    see #2626 for more information.

Dependencies

  * [CRuby] Vendored libxml2 is updated to v2.10.3 from v2.9.14.
  * [CRuby] Vendored libxslt is updated to v1.1.37 from v1.1.35.
  * [CRuby] Vendored zlib is updated from 1.2.12 to 1.2.13.
    (See LICENSE-DEPENDENCIES.md for details on which packages redistribute
    this library.)

Fixed

  * [CRuby] Nokogiri::XML::Namespace objects, when compacted, update
    their internal struct's reference to the Ruby object wrapper.
    Previously, with GC compaction enabled, a segmentation fault was
    possible after compaction was
    triggered. [#2658] (Thanks, @eightbitraptor and @peterzhu2118!)
  * [CRuby] Document#remove_namespaces! now defers freeing the underlying
    xmlNs struct until the Document is GCed. Previously, maintaining a
    reference to a Namespace object that was removed in this way could
    lead to a segfault. [#2658]