svn commit: r420024 - head/security/rubygem-devise-two-factor
Torsten Zuehlsdorff
tz at FreeBSD.org
Wed Aug 10 14:21:04 UTC 2016
Author: tz
Date: Wed Aug 10 14:21:02 2016
New Revision: 420024
URL: https://svnweb.freebsd.org/changeset/ports/420024
Log:
security/rubygem-devise-two-factor: Update from 2.1.0 to 3.0.0
3.0.0.
- Adds support for Devise 4.
- Relax dependencies to allow attr_encrypted 3.x.
- Blocks the use of attr_encrypted 2.x. There was a significant
vulnerability in the encryption implementation in attr_encrypted 2.x,
and that version of the gem should not be used.
2.2.0
- Use 192 bits, not 1024, as a secret key length. RFC 4226 recommends a
minimum length of 128 bits and a recommended length of 160 bits.
Google Authenticator doesn't accept 160 bit keys.
Approved by: swills (mentor)
Modified:
head/security/rubygem-devise-two-factor/Makefile
head/security/rubygem-devise-two-factor/distinfo
Modified: head/security/rubygem-devise-two-factor/Makefile
==============================================================================
--- head/security/rubygem-devise-two-factor/Makefile Wed Aug 10 14:19:34 2016 (r420023)
+++ head/security/rubygem-devise-two-factor/Makefile Wed Aug 10 14:21:02 2016 (r420024)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= devise-two-factor
-PORTVERSION= 2.1.0
+PORTVERSION= 3.0.0
CATEGORIES= security rubygems
MASTER_SITES= RG
@@ -14,7 +14,7 @@ LICENSE_FILE= ${WRKSRC}/LICENSE
RUN_DEPENDS= rubygem-activesupport4>=0:devel/rubygem-activesupport4 \
rubygem-attr_encrypted>=1.3:security/rubygem-attr_encrypted \
- rubygem-devise-rails4>=3.5:devel/rubygem-devise-rails4 \
+ rubygem-devise-rails4>=4.0:devel/rubygem-devise-rails4 \
rubygem-railties4>=0:www/rubygem-railties4 \
rubygem-rotp>=2.0:devel/rubygem-rotp
Modified: head/security/rubygem-devise-two-factor/distinfo
==============================================================================
--- head/security/rubygem-devise-two-factor/distinfo Wed Aug 10 14:19:34 2016 (r420023)
+++ head/security/rubygem-devise-two-factor/distinfo Wed Aug 10 14:21:02 2016 (r420024)
@@ -1,2 +1,3 @@
-SHA256 (rubygem/devise-two-factor-2.1.0.gem) = 0adfac2887441f7dfeced64722fea189d3c70f970fd278a9f3fe4ae3481b85bf
-SIZE (rubygem/devise-two-factor-2.1.0.gem) = 26112
+TIMESTAMP = 1469115414
+SHA256 (rubygem/devise-two-factor-3.0.0.gem) = fa116fcd6e0a94d5a0581e230a9ac286eee8c17299d54e36ad443d5a346f74de
+SIZE (rubygem/devise-two-factor-3.0.0.gem) = 27648
More information about the svn-ports-all
mailing list