Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
rubygem-actionpack-4_2.1919
rubygem-actionpack-4_2.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File rubygem-actionpack-4_2.changes of Package rubygem-actionpack-4_2.1919
------------------------------------------------------------------- Tue Jan 26 17:50:43 UTC 2016 - jmassaguerpla@suse.com - fix bnc#963331 - CVE-2016-0751: rubygem-actionpack: Object Leak DoS CVE-2016-0751.patch: contains the fix ------------------------------------------------------------------- Tue Jan 26 17:48:39 UTC 2016 - jmassaguerpla@suse.com - fix bnc#963335 - CVE-2015-7581: rubygem-actionpack: unbounded memory growth DoS via wildcard controller routes CVE-2015-7581.patch: contains the fix ------------------------------------------------------------------- Tue Jan 26 16:38:33 UTC 2016 - jmassaguerpla@suse.com - fix bnc#963332 - CVE-2016-0752: rubygem-actionpack, rubygem-actionview: directory traversal and information leak in Action View CVE-2016-0752.patch: contains the security fix ------------------------------------------------------------------- Tue Jan 26 13:01:25 UTC 2016 - jmassaguerpla@suse.com - fix CVE-2015-7576: rubygem-actionpack, rubygem-activesupport: Timing attack vulnerability in basic authentication in Action Controller CVE-2015-7576.patch: contains the fix (bsc#963329) ------------------------------------------------------------------- Fri Jul 3 10:17:41 UTC 2015 - jmassaguerpla@suse.com - update to version 4.2.2, no changes (updated to match activesupport version) (bnc#934799 and bnc#934800). ------------------------------------------------------------------- Sun Mar 22 09:07:28 UTC 2015 - coolo@suse.com - updated to version 4.2.1, see CHANGELOG.md ------------------------------------------------------------------- Wed Jan 28 12:29:23 UTC 2015 - adrian@suse.de - update to 4.2.0 ------------------------------------------------------------------- Mon Jan 19 21:09:53 UTC 2015 - dmueller@suse.com - update to 4.1.9: * Fixed handling of positional url helper arguments when `format: false`. * Restore handling of a bare `Authorization` header, without `token=` prefix. * Fix regression where path was getting overwritten when route anchor was false, and X-Cascade pass * Fix a bug where malformed query strings lead to 500. * Fix arbitrary file existence disclosure in Action Pack (CVE-2014-7829) * Fix arbitrary file existence disclosure in Action Pack (CVE-2014-7818) ------------------------------------------------------------------- Mon Nov 10 14:00:03 UTC 2014 - tboerger@suse.com - To get rails 4 running on SLE 11 i have switched the rb_build_versions definition to rub21 as it is activated within devel:languages:ruby. That way we can get running rails 4 on SLE 11 too. ------------------------------------------------------------------- Sun Oct 12 16:20:05 UTC 2014 - coolo@suse.com - updated to version 4.1.6 * Prepend a JS comment to JSONP callbacks. Addresses CVE-2014-4671 ("Rosetta Flash") * Because URI paths may contain non US-ASCII characters we need to force the encoding of any unescaped URIs to UTF-8 if they are US-ASCII. This essentially replicates the functionality of the monkey patch to URI.parser.unescape in active_support/core_ext/uri.rb. Fixes #16104. * Generate shallow paths for all children of shallow resources. Fixes #15783. * JSONP responses are now rendered with the `text/javascript` content type when rendering through a `respond_to` block. Fixes #15081. * Fix env['PATH_INFO'] missing leading slash when a rack app mounted at '/'. Fixes #15511. * ActionController::Parameters#require now accepts `false` values. Fixes #15685. ------------------------------------------------------------------- Wed Jul 23 13:26:43 UTC 2014 - mrueckert@suse.com - - initial package
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor