Revert "Exclude Devise versions vulnerable to CVE-2013-0233"

timoschilling · timoschilling · commit 46e75a07dbfa · 2015-01-24T12:48:25.000+01:00
it is not the task of such frameworks to make this restrictions This reverts commit fd45502.
diff --git a/activeadmin.gemspec b/activeadmin.gemspec
@@ -20,12 +20,7 @@ Gem::Specification.new do |s|
 
   s.add_dependency "arbre",               "~> 1.0"
   s.add_dependency "bourbon",             ">= 1.0.0", "< 4"
-  s.add_dependency "devise",              ">= 1.5.4", "< 4",
-    # Exclude Devise versions vulnerable to CVE-2013-0233
-      "!= 2.0.0", "!= 2.0.1", "!= 2.0.2", "!= 2.0.3", "!= 2.0.4",
-      "!= 2.1.0", "!= 2.1.1", "!= 2.1.2",
-      "!= 2.2.0", "!= 2.2.1", "!= 2.2.2"
-    #
+  s.add_dependency "devise",              ">= 1.5.4", "< 4"
   s.add_dependency "formtastic",          "~> 2.0"
   s.add_dependency "inherited_resources", "~> 1.3"
   s.add_dependency "jquery-rails",        ">= 1.0.0", "< 3"
