K 10
svn:author
V 2
tz
K 8
svn:date
V 27
2016-08-10T14:21:02.886121Z
K 7
svn:log
V 565
security/rubygem-devise-two-factor: Update from 2.1.0 to 3.0.0


3.0.0.
- Adds support for Devise 4.
- Relax dependencies to allow attr_encrypted 3.x.
- Blocks the use of attr_encrypted 2.x. There was a significant
  vulnerability in the encryption implementation in attr_encrypted 2.x,
  and that version of the gem should not be used.

2.2.0
- Use 192 bits, not 1024, as a secret key length. RFC 4226 recommends a
  minimum length of 128 bits and a recommended length of 160 bits.
  Google Authenticator doesn't accept 160 bit keys.

Approved by: swills (mentor)

END