From dd5591bbfdd3e016f61ab2da3215bf6440c63452 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Mar 2019 21:23:26 +0200 Subject: [PATCH] Update `devise` gem Addresses CVE-2019-5421 https://github.com/plataformatec/devise/issues/4981 --- Gemfile | 2 +- Gemfile.lock | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Gemfile b/Gemfile index b15577feb..8b654400c 100644 --- a/Gemfile +++ b/Gemfile @@ -51,7 +51,7 @@ gem 'liquid', '3.0.6' # for email templates # rights gem 'cancancan', '1.11.0' # autharization -gem 'devise', '4.4.3' # authenitcation +gem 'devise', '~> 4.0' gem 'grape' gem 'jbuilder', '2.2.16' # json api diff --git a/Gemfile.lock b/Gemfile.lock index 87d4bb82b..aa1608c18 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -126,7 +126,7 @@ GEM descendants_tracker (~> 0.0.4) ice_nine (~> 0.11.0) thread_safe (~> 0.3, >= 0.3.1) - bcrypt (3.1.11) + bcrypt (3.1.12) bootstrap-sass (3.4.1) autoprefixer-rails (>= 5.2.1) sassc (>= 2.0.0) @@ -170,7 +170,7 @@ GEM database_cleaner (1.6.1) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) - devise (4.4.3) + devise (4.6.1) bcrypt (~> 3.0) orm_adapter (~> 0.1) railties (>= 4.1.0, < 6.0) @@ -337,9 +337,9 @@ GEM polyamorous (~> 1.1) rdoc (4.3.0) request_store (1.1.0) - responders (2.4.0) - actionpack (>= 4.2.0, < 5.3) - railties (>= 4.2.0, < 5.3) + responders (2.4.1) + actionpack (>= 4.2.0, < 6.0) + railties (>= 4.2.0, < 6.0) rest-client (2.0.1) http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) @@ -470,7 +470,7 @@ DEPENDENCIES daemons-rails (= 1.2.1) data_migrate! database_cleaner - devise (= 4.4.3) + devise (~> 4.0) digidoc_client! epp (= 1.5.0)! epp-xml (= 1.1.0)!