From a8008571b3a171163050c0f648070a05b6617a5c Mon Sep 17 00:00:00 2001
From: Dennis Schubert <mail@dennis-schubert.de>
Date: Thu, 21 Jan 2016 20:55:46 +0100
Subject: [PATCH] Bump devise

---
 Changelog.md | 1 +
 Gemfile      | 2 +-
 Gemfile.lock | 6 +++---
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/Changelog.md b/Changelog.md
index bc877e4c5..c6bb6cd75 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,6 +1,7 @@
 # 0.5.6.1
 
 * Fix Nokogiri CVE-2015-7499
+* Fix unsafe "Remember me" cookies in Devise
 
 # 0.5.6.0
 
diff --git a/Gemfile b/Gemfile
index ed7ee745d..1c19b22ce 100644
--- a/Gemfile
+++ b/Gemfile
@@ -22,7 +22,7 @@ gem "json-schema", "2.5.2"
 
 # Authentication
 
-gem "devise", "3.5.3"
+gem "devise", "3.5.4"
 gem "devise_lastseenable", "0.0.6"
 gem "devise-token_authenticatable", "~> 0.4.0"
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 3cd8b60fb..44908d837 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -131,7 +131,7 @@ GEM
       nokogiri (~> 1.5)
       rails (>= 3, < 5)
     database_cleaner (1.5.1)
-    devise (3.5.3)
+    devise (3.5.4)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 3.2.6, < 5)
@@ -607,7 +607,7 @@ GEM
       thor (>= 0.18.1, < 2.0)
     rainbow (2.0.0)
     raindrops (0.15.0)
-    rake (10.4.2)
+    rake (10.5.0)
     rb-fsevent (0.9.6)
     rb-inotify (0.9.5)
       ffi (>= 0.5.0)
@@ -788,7 +788,7 @@ DEPENDENCIES
   configurate (= 0.3.1)
   cucumber-rails (= 1.4.2)
   database_cleaner (= 1.5.1)
-  devise (= 3.5.3)
+  devise (= 3.5.4)
   devise-token_authenticatable (~> 0.4.0)
   devise_lastseenable (= 0.0.6)
   diaspora-vines (~> 0.2.0.develop)