Changelog for
rubygem-actionpack-2_3-testsuite-2.3.15-4.2.x86_64.rpm :
Tue Jan 8 13:00:00 2013 cooloAATTsuse.com
- updated to version 2.3.15, no changelog
Wed Aug 17 14:00:00 2011 mrueckertAATTsuse.de
- update to version 2.3.14
- fix fixing strip tags vulnerability (bnc#712057)
- fixing response splitting problem (bnc#712058)
Mon Jun 20 14:00:00 2011 mrueckertAATTsuse.de
- update to version 2.3.12
- dont call destroy on a session if it doesnt respond to destroy
- fix session timeout handling
Wed Feb 16 13:00:00 2011 mrueckertAATTsuse.de
- update to version 2.3.11: (bnc#668817)
- XSS Risk in mail_to :encode=>:javascript CVE-2011-0446
- CSRF Bypass Risk CVE-2011-0447
- Filter Problems on Case Insensitive Filesystems CVE-2011-0449
- Potential SQL Injection with limit() CVE-2011-0448
Mon Jan 17 13:00:00 2011 mvidnerAATTsuse.cz
- Split off doc and testsuite subpackages.
Wed Oct 27 14:00:00 2010 mrueckertAATTsuse.de
- update to version 2.3.10
* Version bump.
Sun Sep 5 14:00:00 2010 mrueckertAATTsuse.de
- update to version 2.3.9
* Version bump.
Tue May 25 14:00:00 2010 mrueckertAATTsuse.de
- use rubygems_requires macro
Tue May 25 14:00:00 2010 mrueckertAATTsuse.de
- update to version 2.3.8
* HTML safety: fix compatibility
*without
* the optional rails_xss
plugin.
- additional changes from version 2.3.7
* HTML safety: fix compatibility with the optional rails_xss
plugin. [Nathan Weizenbaum, Santiago Pastorino]
- additional changes from version 2.3.6
* JSON: set Base.include_root_in_json = true to include a root
value in the JSON: {\"post\": {\"title\": ...}}. Mirrors the Active
Record option. #2584 [Matthew Moore, Joe Martinez, Elad
Meidar, Santiago Pastorino]
* Ruby 1.9: ERB template encoding using a magic comment at the
top of the file. [Jeremy Kemper] <%# encoding: utf-8 %>
* Fixed that default locale templates should be used if the
current locale template is missing [DHH]
* Fixed that PrototypeHelper#update_page should return html_safe
[DHH]
* Fixed that much of DateHelper wouldn\'t return html_safe?
strings [DHH]
* Fixed that fragment caching should return a cache hit as
html_safe (or it would all just get escaped) [DHH]
* Introduce String#html_safe for rails_xss plugin and
forward-compatibility with Rails 3. [Michael Koziarski,
Santiago Pastorino, José Ignacio Costa]
* Added :alert, :notice, and :flash as options to
ActionController::Base#redirect_to that\'ll automatically set
the proper flash before the redirection [DHH].
* Added ActionController::Base#notice/= and
ActionController::Base#alert/= as a convenience accessors in
both the controller and the view for flash[:notice]/= and
flash[:alert]/= [DHH]
* Added cookies.permanent, cookies.signed, and
cookies.permanent.signed accessor for common cookie actions
[DHH].
- removed actionpack-2.3.5_button_to.patch:
included in update
Thu Feb 18 13:00:00 2010 aduffeckAATTnovell.com
- add a patch to fix (bnc#581792):
https://rails.lighthouseapp.com/projects/8994/tickets/3448-button_to-does-not-return-an-html-safe-string
Fri Jan 15 13:00:00 2010 mrueckertAATTsuse.de
- fix requires on rack. gem spec and code disagree with each other.
Tue Dec 1 13:00:00 2009 chrisAATTcomputersalat.de
- update to version 2.3.5
- Minor Bug Fixes and deprecation warnings
- Ruby 1.9 Support
- Fix filtering parameters when there are Fixnum or other
un-dupable values.
- Improvements to ActionView::TestCase
- Compatiblity with the rails_xss plugin
- removed actionpack-2.3.4_number_to_human_size_fix_eb30c695444b904d7937c8c12c59da9a8c4d60e5.patch:
included in update
Fri Nov 20 13:00:00 2009 mrueckertAATTsuse.de
- added actionpack-2.3.4_number_to_human_size_fix_eb30c695444b904d7937c8c12c59da9a8c4d60e5.patch
fix number_to_human_size (bnc#545720)
Thu Sep 10 14:00:00 2009 adrianAATTsuse.de
- update to version 2.3.4
Fri Jun 5 14:00:00 2009 mrueckertAATTsuse.de
- add rails-2.3.2_http_auth_digest_nil_check.patch:
do not allow authentication with a missing password (bnc#509914)
Mon Mar 16 13:00:00 2009 mrueckertAATTsuse.de
- starting package for the rails 2.3 series
