Update omniauth-oauth2 dependency to 1.1.0 (security) #67

kitop opened this Issue Jul 6, 2012 · 1 comment


None yet
2 participants

kitop commented Jul 6, 2012

omniauth-oauth2 has been updated to prevent CSFR as described here: http://homakov.blogspot.com/2012/07/saferweb-most-common-oauth2.html
(Pull request: intridea/omniauth-oauth2#18 and Discussion: intridea/omniauth#612)

It would be good to update the gemspec dependency to support omniauth-oauth2 ~>1.1.0


mkdynamic commented Jul 7, 2012

Done. Version is 1.4.1.

mkdynamic closed this Jul 7, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment