Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 10 Aug 2016 14:21:03 +0000 (UTC)
From:      Torsten Zuehlsdorff <tz@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r420024 - head/security/rubygem-devise-two-factor
Message-ID:  <201608101421.u7AEL33T089560@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: tz
Date: Wed Aug 10 14:21:02 2016
New Revision: 420024
URL: https://svnweb.freebsd.org/changeset/ports/420024

Log:
  security/rubygem-devise-two-factor: Update from 2.1.0 to 3.0.0
  
  
  3.0.0.
  - Adds support for Devise 4.
  - Relax dependencies to allow attr_encrypted 3.x.
  - Blocks the use of attr_encrypted 2.x. There was a significant
    vulnerability in the encryption implementation in attr_encrypted 2.x,
    and that version of the gem should not be used.
  
  2.2.0
  - Use 192 bits, not 1024, as a secret key length. RFC 4226 recommends a
    minimum length of 128 bits and a recommended length of 160 bits.
    Google Authenticator doesn't accept 160 bit keys.
  
  Approved by: swills (mentor)

Modified:
  head/security/rubygem-devise-two-factor/Makefile
  head/security/rubygem-devise-two-factor/distinfo

Modified: head/security/rubygem-devise-two-factor/Makefile
==============================================================================
--- head/security/rubygem-devise-two-factor/Makefile	Wed Aug 10 14:19:34 2016	(r420023)
+++ head/security/rubygem-devise-two-factor/Makefile	Wed Aug 10 14:21:02 2016	(r420024)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	devise-two-factor
-PORTVERSION=	2.1.0
+PORTVERSION=	3.0.0
 CATEGORIES=	security rubygems
 MASTER_SITES=	RG
 
@@ -14,7 +14,7 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 
 RUN_DEPENDS=	rubygem-activesupport4>=0:devel/rubygem-activesupport4 \
 		rubygem-attr_encrypted>=1.3:security/rubygem-attr_encrypted \
-		rubygem-devise-rails4>=3.5:devel/rubygem-devise-rails4 \
+		rubygem-devise-rails4>=4.0:devel/rubygem-devise-rails4 \
 		rubygem-railties4>=0:www/rubygem-railties4 \
 		rubygem-rotp>=2.0:devel/rubygem-rotp
 

Modified: head/security/rubygem-devise-two-factor/distinfo
==============================================================================
--- head/security/rubygem-devise-two-factor/distinfo	Wed Aug 10 14:19:34 2016	(r420023)
+++ head/security/rubygem-devise-two-factor/distinfo	Wed Aug 10 14:21:02 2016	(r420024)
@@ -1,2 +1,3 @@
-SHA256 (rubygem/devise-two-factor-2.1.0.gem) = 0adfac2887441f7dfeced64722fea189d3c70f970fd278a9f3fe4ae3481b85bf
-SIZE (rubygem/devise-two-factor-2.1.0.gem) = 26112
+TIMESTAMP = 1469115414
+SHA256 (rubygem/devise-two-factor-3.0.0.gem) = fa116fcd6e0a94d5a0581e230a9ac286eee8c17299d54e36ad443d5a346f74de
+SIZE (rubygem/devise-two-factor-3.0.0.gem) = 27648

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608101421.u7AEL33T089560>