Update ruby-openid to 2.9.2
We have to update ruby-openid to the latest version because a vulnerability CVE-2019-11027 has been reported. The attached patch updates ruby-openid to 2.9.2.
I have confirmed with ruby-openid 2.9.2 that:
- succeeded in signing in to Redmine with Yahoo OpenID
- passes all test with Redmine 3.4-stable, 4.0-stable, and trunk