Merge branch 'rs-gem-security' into 'master'
Bump omniauth-saml to 1.4.1
Updates a vulnerable `ruby-saml` dependency.
- 9853651b96
- https://github.com/onelogin/ruby-saml/pull/247
See merge request !1162
This commit is contained in:
commit
0b5dc5cd52
2
Gemfile
2
Gemfile
|
@ -24,7 +24,7 @@ gem 'omniauth-shibboleth'
|
|||
gem 'omniauth-kerberos', group: :kerberos
|
||||
gem 'omniauth-gitlab'
|
||||
gem 'omniauth-bitbucket'
|
||||
gem 'omniauth-saml'
|
||||
gem 'omniauth-saml', '~> 1.4.0'
|
||||
gem 'doorkeeper', '2.1.3'
|
||||
gem "rack-oauth2", "~> 1.0.5"
|
||||
|
||||
|
|
12
Gemfile.lock
12
Gemfile.lock
|
@ -426,9 +426,9 @@ GEM
|
|||
omniauth-oauth2 (1.1.1)
|
||||
oauth2 (~> 0.8.0)
|
||||
omniauth (~> 1.0)
|
||||
omniauth-saml (1.3.1)
|
||||
omniauth-saml (1.4.1)
|
||||
omniauth (~> 1.1)
|
||||
ruby-saml (~> 0.8.1)
|
||||
ruby-saml (~> 1.0.0)
|
||||
omniauth-shibboleth (1.1.1)
|
||||
omniauth (>= 1.0.0)
|
||||
omniauth-twitter (1.0.1)
|
||||
|
@ -572,8 +572,8 @@ GEM
|
|||
rainbow (>= 1.99.1, < 3.0)
|
||||
ruby-progressbar (~> 1.4)
|
||||
ruby-progressbar (1.7.1)
|
||||
ruby-saml (0.8.2)
|
||||
nokogiri (>= 1.5.0)
|
||||
ruby-saml (1.0.0)
|
||||
nokogiri (>= 1.5.10)
|
||||
uuid (~> 2.3)
|
||||
ruby2ruby (2.1.3)
|
||||
ruby_parser (~> 3.1)
|
||||
|
@ -713,7 +713,7 @@ GEM
|
|||
raindrops (~> 0.7)
|
||||
unicorn-worker-killer (0.4.2)
|
||||
unicorn (~> 4)
|
||||
uuid (2.3.7)
|
||||
uuid (2.3.8)
|
||||
macaddr (~> 1.0)
|
||||
version_sorter (2.0.0)
|
||||
virtus (1.0.1)
|
||||
|
@ -817,7 +817,7 @@ DEPENDENCIES
|
|||
omniauth-gitlab
|
||||
omniauth-google-oauth2
|
||||
omniauth-kerberos
|
||||
omniauth-saml
|
||||
omniauth-saml (~> 1.4.0)
|
||||
omniauth-shibboleth
|
||||
omniauth-twitter
|
||||
org-ruby (= 0.9.12)
|
||||
|
|
Loading…
Reference in New Issue