Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:lafenghu
rubygem-actionpack-2_3
rubygem-actionpack-2_3.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File rubygem-actionpack-2_3.changes of Package rubygem-actionpack-2_3
------------------------------------------------------------------- Wed Jul 18 14:57:18 UTC 2012 - mrueckert@suse.de - added 2 patches to fix security issues: 2-3-null_param.patch (CVE-2012-2660) (bnc#765097) 2-3-null_array_param.patch (CVE-2012-2694) (bnc#766791) - track series file from quilt for easier handling ------------------------------------------------------------------- Wed Aug 17 12:02:42 UTC 2011 - mrueckert@suse.de - update to version 2.3.14 - fix fixing strip tags vulnerability (bnc#712057) - fixing response splitting problem (bnc#712058) ------------------------------------------------------------------- Mon Jun 20 16:27:43 UTC 2011 - mrueckert@suse.de - update to version 2.3.12 - dont call destroy on a session if it doesnt respond to destroy - fix session timeout handling ------------------------------------------------------------------- Wed Feb 16 11:09:20 UTC 2011 - mrueckert@suse.de - update to version 2.3.11: (bnc#668817) - XSS Risk in mail_to :encode=>:javascript CVE-2011-0446 - CSRF Bypass Risk CVE-2011-0447 - Filter Problems on Case Insensitive Filesystems CVE-2011-0449 - Potential SQL Injection with limit() CVE-2011-0448 ------------------------------------------------------------------- Mon Jan 17 13:21:21 UTC 2011 - mvidner@suse.cz - Split off doc and testsuite subpackages. ------------------------------------------------------------------- Wed Oct 27 11:34:50 UTC 2010 - mrueckert@suse.de - update to version 2.3.10 * Version bump. ------------------------------------------------------------------- Sun Sep 5 11:07:19 UTC 2010 - mrueckert@suse.de - update to version 2.3.9 * Version bump. ------------------------------------------------------------------- Tue May 25 16:08:12 UTC 2010 - mrueckert@suse.de - use rubygems_requires macro ------------------------------------------------------------------- Tue May 25 15:07:19 UTC 2010 - mrueckert@suse.de - update to version 2.3.8 * HTML safety: fix compatibility *without* the optional rails_xss plugin. - additional changes from version 2.3.7 * HTML safety: fix compatibility with the optional rails_xss plugin. [Nathan Weizenbaum, Santiago Pastorino] - additional changes from version 2.3.6 * JSON: set Base.include_root_in_json = true to include a root value in the JSON: {"post": {"title": ...}}. Mirrors the Active Record option. #2584 [Matthew Moore, Joe Martinez, Elad Meidar, Santiago Pastorino] * Ruby 1.9: ERB template encoding using a magic comment at the top of the file. [Jeremy Kemper] <%# encoding: utf-8 %> * Fixed that default locale templates should be used if the current locale template is missing [DHH] * Fixed that PrototypeHelper#update_page should return html_safe [DHH] * Fixed that much of DateHelper wouldn't return html_safe? strings [DHH] * Fixed that fragment caching should return a cache hit as html_safe (or it would all just get escaped) [DHH] * Introduce String#html_safe for rails_xss plugin and forward-compatibility with Rails 3. [Michael Koziarski, Santiago Pastorino, José Ignacio Costa] * Added :alert, :notice, and :flash as options to ActionController::Base#redirect_to that'll automatically set the proper flash before the redirection [DHH]. * Added ActionController::Base#notice/= and ActionController::Base#alert/= as a convenience accessors in both the controller and the view for flash[:notice]/= and flash[:alert]/= [DHH] * Added cookies.permanent, cookies.signed, and cookies.permanent.signed accessor for common cookie actions [DHH]. - removed actionpack-2.3.5_button_to.patch: included in update ------------------------------------------------------------------- Thu Feb 18 14:09:24 UTC 2010 - aduffeck@novell.com - add a patch to fix (bnc#581792): https://rails.lighthouseapp.com/projects/8994/tickets/3448-button_to-does-not-return-an-html-safe-string ------------------------------------------------------------------- Fri Jan 15 14:21:37 UTC 2010 - mrueckert@suse.de - fix requires on rack. gem spec and code disagree with each other. ------------------------------------------------------------------- Tue Dec 1 18:19:07 UTC 2009 - chris@computersalat.de - update to version 2.3.5 - Minor Bug Fixes and deprecation warnings - Ruby 1.9 Support - Fix filtering parameters when there are Fixnum or other un-dupable values. - Improvements to ActionView::TestCase - Compatiblity with the rails_xss plugin - removed actionpack-2.3.4_number_to_human_size_fix_eb30c695444b904d7937c8c12c59da9a8c4d60e5.patch: included in update ------------------------------------------------------------------- Fri Nov 20 13:53:22 UTC 2009 - mrueckert@suse.de - added actionpack-2.3.4_number_to_human_size_fix_eb30c695444b904d7937c8c12c59da9a8c4d60e5.patch fix number_to_human_size (bnc#545720) ------------------------------------------------------------------- Thu Sep 10 12:03:08 UTC 2009 - adrian@suse.de - update to version 2.3.4 ------------------------------------------------------------------- Fri Jun 5 16:58:30 CEST 2009 - mrueckert@suse.de - add rails-2.3.2_http_auth_digest_nil_check.patch: do not allow authentication with a missing password (bnc#509914) ------------------------------------------------------------------- Mon Mar 16 20:34:36 CET 2009 - mrueckert@suse.de - starting package for the rails 2.3 series -------------------------------------------------------------------
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor