SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for rubygem-activerecord-3_2-3.2.12-2.17.1.x86_64.rpm :

* Tue Apr 02 2013 jmassaguerplaAATTsuse.com- add patch to fix security issue: - bug-809932_3-2-attribute_symbols.patch: fix CVE-2013-1854: rubygem-activerecord
*: Symbol DoS vulnerability in Active Record (bnc#809932)
* Wed Feb 13 2013 mrueckertAATTsuse.de- update to version 3.2.12 (bnc#803336) CVE-2013-0276: - Quote numeric values being compared to non-numeric columns. Otherwise, in some database, the string column values will be coerced to a numeric allowing 0, 0.0 or false to match any string starting with a non-digit.
* Thu Jan 17 2013 mrueckertAATTsuse.de- update to 3.2.11: (bnc#796712, bnc#797449, bnc#797452)
* Fix querying with an empty hash
*Damien Mathieu
* [CVE-2013-0155]
* CVE-2012-5664 options hashes should only be extracted if there are extra parameters- additional changes from 3.2.10, 3.2.9 and 3.2.8 The list is too long. Please see /usr/lib
*/ruby/gems/1.
*/gems/actionpack-3.2.11/CHANGELOG.md
* Thu Aug 02 2012 mrueckertAATTsuse.de- update to 3.2.7
* `:finder_sql` and `:counter_sql` options on collection associations are deprecated. Please transition to using scopes.
* Jon Leighton
*
* `:insert_sql` and `:delete_sql` options on `has_and_belongs_to_many` associations are deprecated. Please transition to using `has_many :through`
*Jon Leighton
*
* `composed_of` has been deprecated. You\'ll have to write your own accessor and mutator methods if you\'d like to use value objects to represent some portion of your models.
* Steve Klabnik
*
* `update_attribute` has been deprecated. Use `update_column` if you want to bypass mass-assignment protection, validations, callbacks, and touching of updated_at. Otherwise please use `update_attributes`.
*Steve Klabnik
*- additional changes from 3.2.6
* protect against the nesting of hashes changing the table context in the next call to build_from_hash. This fix covers this case as well. CVE-2012-2695
* Revert earlier \'perf fix\' (see 3.2.4 changelog / GH #6289). This change introduced a regression (GH #6609). assoc.clear and assoc.delete_all have loaded the association before doing the delete since at least Rails 2.3. Doing the delete without loading the records means that the `before_remove` and `after_remove` callbacks do not get invoked. Therefore, this change was less a fix a more an optimisation, which should only have gone into master.
*Jon Leighton
*- additional changes from 3.2.5
* Restore behavior of Active Record 3.2.3 scopes. A series of commits relating to preloading and scopes caused a regression.
* Andrew White
*- additional changes from 3.2.4
* Perf fix: Don\'t load the records when doing assoc.delete_all. GH #6289.
*Jon Leighton
*
* Association preloading shouldn\'t be affected by the current scoping. This could cause infinite recursion and potentially other problems. See GH #5667.
*Jon Leighton
*
* Datetime attributes are forced to be changed. GH #3965
* Fix attribute casting. GH #5549
* Fix #5667. Preloading should ignore scoping.
* Predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this! CVE-2012-2661
* Mon Apr 23 2012 saschpeAATTsuse.de- Explicitly require rubygem-activemodel-3_2 and rubygem-activesupport-3_2 instead of rubygem-activemodel and rubygem-activemodel to fix \'have choice\' errors
* Wed Apr 04 2012 cooloAATTsuse.com- update to 3.2.3
* Added find_or_create_by_{attribute}! dynamic method.
*Andrew White
*
* Whitelist all attribute assignment by default.
* Update ActiveRecord::AttributeMethods#attribute_present? to return false for empty strings.
*Jacobkg
*
* Fix associations when using per class databases.
*larskanis
*
* Revert setting NOT NULL constraints in add_timestamps
*fxn
*
* Fix mysql to use proper text types. Fixes #3931.
*kennyj
*
* Fix #5069 - Protect foreign key from mass assignment through association builder.
*byroot
*
* Fri Jan 27 2012 mrueckertAATTsuse.de- update to 3.2.1
* The threshold for auto EXPLAIN is ignored if there\'s no logger.
* fxn
*
* Call `to_s` on the value passed to `table_name=`, in particular symbols are supported (regression).
*Sergey Nartimov
*
* Fix possible race condition when two threads try to define attribute methods for the same class.
*Jon Leighton
*
* Thu Jan 26 2012 mrueckertAATTsuse.de- initial package of the 3.2 branch
  
ICM