-
Notifications
You must be signed in to change notification settings - Fork 186
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
omniauth version has vuneralbilities #25
Comments
@NeilH-CCS haven't heard about it despite this repo has enabled security alerts. Can you share a link to this vulnerability description? |
I have added it my original post. |
@NeilH-CCS could you test this branch for regressions?
|
This branch seems to be fixed and works with our integration. Please go ahead and release if you can. |
Github is reporting a venerability in versions of omniauth before 1.9.0, this gem appears to be tied to v1.3. Can this dependancy be bumped?
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9284
The text was updated successfully, but these errors were encountered: