From c8cf159d14b2fcda0054a32e1f2595e45f3d8e7b Mon Sep 17 00:00:00 2001
From: Patricio Cano <suprnova32@gmail.com>
Date: Mon, 27 Jun 2016 10:37:54 -0500
Subject: [PATCH] Update omniauth-saml to 1.6.0 to address a security
 vulnerability in ruby-saml

---
 Gemfile      | 2 +-
 Gemfile.lock | 9 ++++-----
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/Gemfile b/Gemfile
index 895970dcca3fa..7228decf680a2 100644
--- a/Gemfile
+++ b/Gemfile
@@ -30,7 +30,7 @@ gem 'omniauth-github',        '~> 1.1.1'
 gem 'omniauth-gitlab',        '~> 1.0.0'
 gem 'omniauth-google-oauth2', '~> 0.2.0'
 gem 'omniauth-kerberos',      '~> 0.3.0', group: :kerberos
-gem 'omniauth-saml',          '~> 1.5.0'
+gem 'omniauth-saml',          '~> 1.6.0'
 gem 'omniauth-shibboleth',    '~> 1.2.0'
 gem 'omniauth-twitter',       '~> 1.2.0'
 gem 'omniauth_crowd',         '~> 2.2.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index 3f3ceb667b5df..66660f546e7ae 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -459,9 +459,9 @@ GEM
     omniauth-oauth2 (1.3.1)
       oauth2 (~> 1.0)
       omniauth (~> 1.2)
-    omniauth-saml (1.5.0)
+    omniauth-saml (1.6.0)
       omniauth (~> 1.3)
-      ruby-saml (~> 1.1, >= 1.1.1)
+      ruby-saml (~> 1.3)
     omniauth-shibboleth (1.2.1)
       omniauth (>= 1.0.0)
     omniauth-twitter (1.2.1)
@@ -622,9 +622,8 @@ GEM
     ruby-fogbugz (0.2.1)
       crack (~> 0.4)
     ruby-progressbar (1.8.1)
-    ruby-saml (1.1.2)
+    ruby-saml (1.3.0)
       nokogiri (>= 1.5.10)
-      uuid (~> 2.3)
     ruby_parser (3.8.2)
       sexp_processor (~> 4.1)
     rubyntlm (0.5.2)
@@ -912,7 +911,7 @@ DEPENDENCIES
   omniauth-gitlab (~> 1.0.0)
   omniauth-google-oauth2 (~> 0.2.0)
   omniauth-kerberos (~> 0.3.0)
-  omniauth-saml (~> 1.5.0)
+  omniauth-saml (~> 1.6.0)
   omniauth-shibboleth (~> 1.2.0)
   omniauth-twitter (~> 1.2.0)
   omniauth_crowd (~> 2.2.0)
-- 
GitLab