[Security] Update net-ldap gem to 0.6.0 or higher

[f3ndot]

Due to a security vuln in the library (OSVDB-106108), builds that incorporate bundler-audit as a failure condition will, well, fail:

+ /usr/local/rvm/bin/rvm 2.0.0 do ./bin/bundle-audit update
Updating ruby-advisory-db ...
From https://github.com/rubysec/ruby-advisory-db
 * branch            master     -> FETCH_HEAD
Already up-to-date.
ruby-advisory-db: 145 advisories
+ /usr/local/rvm/bin/rvm 2.0.0 do ./bin/bundle-audit check
Name: net-ldap
Version: 0.5.1
Advisory: OSVDB-106108
Criticality: Low
URL: http://osvdb.org/show/osvdb/106108
Title: Net::LDAP for Ruby lib/net/ldap/password.rb SSHA Password Generation Weak Salt
Solution: upgrade to >= 0.6.0

Unpatched versions found!
Build step 'Execute shell' marked build as failure

Hopefully using net-ldap versions 0.6.0 through 0.11 work.

[skaasten]

:+1:

[lukad]

:+1:

[skaasten]

Can this be merged? It would be nice to close this exploit.

[dalpo]

:+1:

[f3ndot]

Was able to test successfully that the LDAP functionality in works my app. Used 0.11

[lukad]

Is there any reason why this can't be merged?

[johanness]

:+1:

[rishi-freshbooks]

Please merge at your earliest convenience.

[johanness]

[cschiewek]

0.8.5 released with this PR as well...