SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for rubygem-actionpack-3_2-3.2.12-3.17.1.i586.rpm :

* Tue Apr 02 2013 jmassaguerplaAATTsuse.com- add 2 patches to fix security issues: - bug-809935_3-2-css_sanitize.patch: CVE-2013-1855: rubygem-actionpack
*: XSS vulnerability in sanitize_css in Action Pack (bnc#809935) - bug-809940_3-2-sanitize_protocol.patch: CVE-2013-1857: rubygem-actionpack
*: XSS Vulnerability in the `sanitize` helper of Ruby on Rails (bnc#809940)
* Thu Feb 14 2013 mrueckertAATTsuse.de- update to version 3.2.12 (bnc#803336) CVE-2013-0276:
* Version bump
* Thu Jan 17 2013 mrueckertAATTsuse.de- bump sprockets requires to 2.2.1
* Thu Jan 17 2013 mrueckertAATTsuse.de- update to 3.2.11 (bnc#796712, bnc#797449, bnc#797452)
* Strip nils from collections on JSON and XML posts. [CVE-2013-0155]- additional changes from 3.2.10, 3.2.9 and 3.2.8 The list is too long. Please see /usr/lib
*/ruby/gems/1.
*/gems/actionpack-3.2.11/CHANGELOG.md
* Thu Aug 02 2012 mrueckertAATTsuse.de- update to 3.2.7 - Do not convert digest auth strings to symbols. CVE-2012-3424 - Bump Journey requirements to 1.0.4 - Add support for optional root segments containing slashes - Fixed bug creating invalid HTML in select options - Show in log correct wrapped keys - Fix NumberHelper options wrapping to prevent verbatim blocks being rendered instead of line continuations. - ActionController::Metal doesn\'t have logger method, check it and then delegate - ActionController::Caching depends on RackDelegation and AbstractController::Callbacks - nil is removed from array parameter values CVE-2012-2694 - Deprecate `:confirm` in favor of `\':data => { :confirm => \"Text\" }\'` option for `button_to`, `button_tag`, `image_submit_tag`, `link_to` and `submit_tag` helpers.
* Carlos Galdino
* - Allow to use mounted_helpers (helpers for accessing mounted engines) in ActionView::TestCase.
*Piotr Sarnacki
* - Include mounted_helpers (helpers for accessing mounted engines) in ActionDispatch::IntegrationTest by default.
*Piotr Sarnacki
* - Deprecate old APIs for highlight, excerpt and word_wrap
*Jeremy Walker
* - Deprecate `:disable_with` in favor of `\'data-disable-with\'` option for `button_to`, `button_tag` and `submit_tag` helpers.
* Carlos Galdino + Rafael Mendonça França
* - Deprecate `:mouseover` option for `image_tag` helper.
*Rafael Mendonça França
* - Deprecate `button_to_function` and `link_to_function` helpers.
* Rafael Mendonça França
* - Don\'t break Haml with textarea newline fix. GH #393, #4000, [#5190], #5191 - Fix options handling on labels. GH #2492, #5614 - Added config.action_view.embed_authenticity_token_in_remote_forms to deal with regression from 16ee611fa - Set rendered_format when doing render :inline. GH #5632 - Fix the redirect when it receive blocks with arity of 1. Closes [#5677] - Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this! CVE-2012-2660
* Mon May 14 2012 cooloAATTsuse.com- add generic provides
* Mon Apr 23 2012 saschpeAATTsuse.de- Fix dependencies, (build)require actionpack-3_2, rack-cache-1_2 and activesupport-3_2 directly (instead of unversioned packages)
* Wed Apr 04 2012 cooloAATTsuse.com- update to 3.2.3
* Remove the leading \
added by textarea on assert_select.
* Santiago Pastorino
*
* Fix #5632, render :inline set the proper rendered format.
* Santiago Pastorino
*
* Fix textarea rendering when using plugins like HAML. Such plugins encode the first newline character in the content. This issue was introduced in https://github.com/rails/rails/pull/5191
*James Coleman
*
* Add `config.action_view.embed_authenticity_token_in_remote_forms` (defaults to true) which allows to set if authenticity token will be included by default in remote forms. If you change it to false, you can still force authenticity token by passing `:authenticity_token => true` in form options
*Piotr Sarnacki
*
* Do not include the authenticity token in forms where remote: true as ajax forms use the meta-tag value
*DHH
*
* Turn off verbose mode of rack-cache, we still have X-Rack-Cache to check that info. Closes #5245.
*Santiago Pastorino
*
* Fix #5238, rendered_format is not set when template is not rendered.
*Piotr Sarnacki
*
* Upgrade rack-cache to 1.2.
*José Valim
*
* ActionController::SessionManagement is deprecated.
* Santiago Pastorino
*
* Since the router holds references to many parts of the system like engines, controllers and the application itself, inspecting the route set can actually be really slow, therefore we default alias inspect to to_s.
*José Valim
*
* Add a new line after the textarea opening tag. Closes #393
* Rafael Mendonça França
*
* Always pass a respond block from to responder. We should let the responder to decide what to do with the given overridden response block, and not short circuit it.
*sikachu
*
* Fixes layout rendering regression from 3.2.2.
*José Valim
* [#]# Rails 3.2.2 (March 1, 2012) ##
* Format lookup for partials is derived from the format in which the template is being rendered. Closes #5025 part 2
*Santiago Pastorino
*
* Use the right format when a partial is missing. Closes #5025.
* Santiago Pastorino
*
* Default responder will now always use your overridden block in `respond_with` to render your response.
*Prem Sichanugrist
*
* check_box helper with :disabled => true will generate a disabled hidden field to conform with the HTML convention where disabled fields are not submitted with the form. This is a behavior change, previously the hidden tag had a value of the disabled checkbox.
*Tadas Tamosauskas
*
* Fri Mar 23 2012 saschpeAATTsuse.de- Spec file cleanup:
* Factory preparation
* Fri Jan 27 2012 mrueckertAATTsuse.de- update to 3.2.1
* Documentation improvements.
* Allow `form.select` to accept ranges (regression).
*Jeremy Walker
*
* `datetime_select` works with -/+ infinity dates.
*Joe Van Dyk
*
* Thu Jan 26 2012 mrueckertAATTsuse.de- initial package of the 3.2 branch
  
ICM