SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for rubygem-activesupport-2_3-2.3.17-1.1.i586.rpm :
Tue Feb 5 13:00:00 2013 lijewski.stefanAATTgmail.com
- update to 2.3.16 (bnc#800320) CVE-2013-0333
- fixing load error messages
- html_escape should escape single quotes
- Add an OkJson backend and remove the YAML backend
Fixes CVE-2013-0333. The ActiveSupport::JSON::Backends::Yaml
class is present but the functionality has been removed
entirely.
- obsoletes 3-0-escape_html-activesupport.patch:
upstreamed
- update to 2.3.15: (bnc#796712, bnc#797449, bnc#797452)

* Hash.from_xml raises when it encounters type=\"symbol\" or
type=\"yaml\". Use Hash.from_trusted_xml to parse this XML.
CVE-2013-0156 [Jeremy Kemper]

Fri Sep 7 14:00:00 2012 mrueckertAATTsuse.de
- added 3-0-escape_html-activesupport.patch: (bnc#775653)
Also encode single quote (CVE-2012-3464)

Wed Aug 17 14:00:00 2011 mrueckertAATTsuse.de
- update to version 2.3.14
- fixing utf8 escape vulerability (bnc#712060)
- Fix OrderedHash merging with block given.

Mon Jun 20 14:00:00 2011 mrueckertAATTsuse.de
- update to version 2.3.12

* Version bump

Wed Feb 16 13:00:00 2011 mrueckertAATTsuse.de
- update to version 2.3.11: (bnc#668817)
- XSS Risk in mail_to :encode=>:javascript CVE-2011-0446
- CSRF Bypass Risk CVE-2011-0447
- Filter Problems on Case Insensitive Filesystems CVE-2011-0449
- Potential SQL Injection with limit() CVE-2011-0448

Mon Jan 17 13:00:00 2011 mvidnerAATTsuse.cz
- Split off doc subpackage.

Wed Oct 27 14:00:00 2010 mrueckertAATTsuse.de
- update to version 2.3.10

* i18n: bundle i18n 0.4.1 for forward compatibility with Rails 3.
Deprecates {{foo}} interpolation syntax in favor of 1.9-native
%{foo}.

* Deprecate Kernel#returning in favor of Object#tap since it\'s
included in Ruby 1.8.7 and later. [Santiago Pastorino]

* Deprecates ActiveSupport::Dependencies.load_(once_)paths,
renamed to autoload_(once_)paths. [fxn]

* Deprecates Array#random_element, renamed to sample to match
Ruby 1.9, thanks to Marc-Andre Lafortune. [fxn]

Sun Sep 5 14:00:00 2010 mrueckertAATTsuse.de
- update to version 2.3.9

* i18n: bundle i18n 0.4.1 for forward compatibility with Rails 3.
Deprecates {{foo}} interpolation syntax in favor of 1.9-native
%{foo}.

* Deprecate Kernel#returning in favor of Object#tap since it\'s
included in Ruby 1.8.7 and later. [Santiago Pastorino]

* Deprecates ActiveSupport::Dependencies.load_(once_)paths,
renamed to autoload_(once_)paths. [fxn]

* Deprecates Array#random_element, renamed to sample to match
Ruby 1.9, thanks to Marc-Andre Lafortune. [fxn]

Tue May 25 14:00:00 2010 mrueckertAATTsuse.de
- use rubygems_requires macro

Tue May 25 14:00:00 2010 mrueckertAATTsuse.de
- update to version 2.3.8

* Version bump.
- additional changes from version 2.3.7

* HTML safety: fix compatibility with the optional rails_xss
plugin. [Nathan Weizenbaum, Santiago Pastorino]
- additional changes from version 2.3.6

* 1.9 compat: deprecated last_(month|year) in favor of
prev_(month|year). [fxn]

* Deprecated Array#rand in favor of Array#random_element.
[Santiago Pastorino, Rizwan Reza]

* Added Object#presence that returns the object if it\'s #present?
otherwise returns nil [DHH/Colin Kelley]

* New assertions assert_blank and assert_present.
[#4299] [Juanjo Bazan]

* Use Object#singleton_class instead of #metaclass. Prefer Ruby\'s
choice. [Jeremy Kemper]

* JSON backend for YAJL. Preferred if available.
[#2666] [Brian Lopez]

* Introduce String#html_safe for rails_xss plugin and
forward-compatibility with Rails 3. [Michael Koziarski,
Santiago Pastorino, José Ignacio Costa]

* Time#- with a DateTime argument behaves the same as with a Time
argument, i.e. returns the difference between self and arg as a
Float #3476 [Geoff Buesing]

* YAML serialization for OrderedHash. #3608 [Gregor Schmidt]

* Add Enumerable#exclude? to bring parity to Enumerable#include?
and avoid if !x.include?/else calls [DHH]

Tue Dec 1 13:00:00 2009 chrisAATTcomputersalat.de
- update to version 2.3.5

* Minor Bug Fixes and deprecation warnings

* Fixes for the Nokogiri backend for XmlMini

* Ruby 1.9 Compatibility

Thu Sep 10 14:00:00 2009 adrianAATTsuse.de
- update to version 2.3.4

* Introduce ActiveSupport::Multibyte.clean to clean invalid
multibyte strings.

* Bug fixes

Mon Mar 16 13:00:00 2009 mrueckertAATTsuse.de
- starting package for the rails 2.3 series


  
ICM