From b7817b6a62ac210203a451d1a691a824288e9eab Mon Sep 17 00:00:00 2001 From: Mike Dalessio Date: Sat, 7 May 2022 12:05:37 -0400 Subject: [PATCH] version bump to v1.13.6 --- CHANGELOG.md | 12 ++++++++++++ lib/nokogiri/version/constant.rb | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1d2bb4b6f5d..4c3fa6a44fb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,18 @@ Nokogiri follows [Semantic Versioning](https://semver.org/), please see the [REA --- +## 1.13.6 / 2022-05-08 + +### Security + +* [CRuby] Address [CVE-2022-29181](https://nvd.nist.gov/vuln/detail/CVE-2022-29181), improper handling of unexpected data types, related to untrusted inputs to the SAX parsers. See [GHSA-xh29-r2w5-wx8m](https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m) for more information. + + +### Improvements + +* `{HTML4,XML}::SAX::{Parser,ParserContext}` constructor methods now raise `TypeError` instead of segfaulting when an incorrect type is passed. + + ## 1.13.5 / 2022-05-04 ### Security diff --git a/lib/nokogiri/version/constant.rb b/lib/nokogiri/version/constant.rb index e22b714da12..7398b24d816 100644 --- a/lib/nokogiri/version/constant.rb +++ b/lib/nokogiri/version/constant.rb @@ -2,5 +2,5 @@ module Nokogiri # The version of Nokogiri you are using - VERSION = "1.13.5" + VERSION = "1.13.6" end
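Review bot: In the CHANGELOG.md hunk, the new heading `## 1.13.6 / 2022-05-08` is dated one day after this commit's own `Date: Sat, 7 May 2022`. Confirm that 2022-05-08 is the intended release date, or correct the heading before tagging. Separately, the Security bullet is tagged `[CRuby]` but the Improvements bullet about raising `TypeError` instead of segfaulting is not. If that behaviour change applies to the same platform and comes from the same fix, tag it the same way and point it at GHSA-xh29-r2w5-wx8m so readers can tell the two bullets are related.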
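Review bot: In the lib/nokogiri/version/constant.rb hunk, the bump to `VERSION = "1.13.6"` ships with a changelog entry announcing the CVE-2022-29181 fix, but the diffstat lists only CHANGELOG.md and constant.rb, so the SAX parser change and its tests are not part of this patch. Before this is tagged, confirm that the commit making the `{HTML4,XML}::SAX::{Parser,ParserContext}` constructors raise `TypeError` is already on the release branch. Consider referencing that commit in the message so the release can be audited from the log.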