Upgrade attr_encrypted and encryptor

attr_encrypted (1.3.4 => 3.0.1) Changelog: https://github.com/attr-encrypted/attr_encrypted/blob/master/CHANGELOG.m d attr_encrypted 2.x included a vulnerability, so that major version is skipped. 3.x requires that the algorithm and mode used by each encrypted attribute is specified explicitly. `nil` is no longer a valid value for the encrypted_value_iv field, so it’s changed to a randomly generated string.
author: Connor Shea <connor.james.shea@gmail.com> 2016-05-19 21:55:25 +0300
committer: Connor Shea <connor.james.shea@gmail.com> 2016-05-30 22:51:21 +0300
commit: d287315dbf1a1493e3f2c2511e559204cc914ff8 (patch)
tree: e8ad832255adec67b700a73e4cf853392e27bbb8 /app/models/project_import_data.rb
parent: d47b2b92c9b5e80eb3430e2b4950e17646b8efd8 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/app/models/project_import_data.rb b/app/models/project_import_data.rb
index e2f9ffb69ac..ca8a9b4217b 100644
--- a/app/models/project_import_data.rb
+++ b/app/models/project_import_data.rb
@@ -6,7 +6,8 @@ class ProjectImportData < ActiveRecord::Base
                  key: Gitlab::Application.secrets.db_key_base,
                  marshal: true,
                  encode: true,
-                 mode: :per_attribute_iv_and_salt
+                 mode: :per_attribute_iv_and_salt,
+                 algorithm: 'aes-256-cbc'
 
   serialize :data, JSON
author	Connor Shea <connor.james.shea@gmail.com>	2016-05-19 21:55:25 +0300
committer	Connor Shea <connor.james.shea@gmail.com>	2016-05-30 22:51:21 +0300
commit	d287315dbf1a1493e3f2c2511e559204cc914ff8 (patch)
tree	e8ad832255adec67b700a73e4cf853392e27bbb8 /app/models/project_import_data.rb
parent	d47b2b92c9b5e80eb3430e2b4950e17646b8efd8 (diff)