commit: e4db0f28d29e391108154d57606f3cb2c48d67e2
parent: e7d741ece3da4f1555423fb0f25309238c0dce8d
Author: Patrick Figel <patrick@figel.email>
Date: Fri, 2 Mar 2018 02:32:08 +0100
Update omniauth-saml to 1.10 (#6587)
Fixes CVE-2017-11428
Diffstat:
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/Gemfile b/Gemfile
@@ -35,7 +35,7 @@ gem 'devise-two-factor', '~> 3.0'
gem 'devise_pam_authenticatable2', '~> 8.0', install_if: -> { ENV['PAM_ENABLED'] == 'true' }
gem 'net-ldap', '~> 0.10', install_if: -> { ENV['LDAP_ENABLED'] == 'true' }
gem 'omniauth-cas', '~> 1.1', install_if: -> { ENV['CAS_ENABLED'] == 'true' }
-gem 'omniauth-saml', '~> 1.8', install_if: -> { ENV['SAML_ENABLED'] == 'true' }
+gem 'omniauth-saml', '~> 1.10', install_if: -> { ENV['SAML_ENABLED'] == 'true' }
gem 'omniauth', '~> 1.2'
gem 'doorkeeper', '~> 4.2'
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -338,9 +338,9 @@ GEM
addressable (~> 2.3)
nokogiri (~> 1.5)
omniauth (~> 1.2)
- omniauth-saml (1.9.0)
+ omniauth-saml (1.10.0)
omniauth (~> 1.3, >= 1.3.2)
- ruby-saml (~> 1.4, >= 1.4.3)
+ ruby-saml (~> 1.7)
orm_adapter (0.5.0)
ostatus2 (2.0.3)
addressable (~> 2.5)
@@ -496,7 +496,7 @@ GEM
unicode-display_width (~> 1.0, >= 1.0.1)
ruby-oembed (0.12.0)
ruby-progressbar (1.9.0)
- ruby-saml (1.6.1)
+ ruby-saml (1.7.2)
nokogiri (>= 1.5.10)
rufus-scheduler (3.4.2)
et-orbi (~> 1.0)
@@ -673,7 +673,7 @@ DEPENDENCIES
oj (~> 3.3)
omniauth (~> 1.2)
omniauth-cas (~> 1.1)
- omniauth-saml (~> 1.8)
+ omniauth-saml (~> 1.10)
ostatus2 (~> 2.0)
ox (~> 2.8)
paperclip (~> 5.1)
