Changelog for ruby2.7-rubygem-rails-6.0-6.0.6.1-lp156.1.2.x86_64.rpm :

* Tue Nov 14 2023 Dan Čermák - 6.0.6.1: [#]# Active Support
* No changes. [#]# Active Model
* No changes. [#]# Active Record
* Make `sanitize_as_sql_comment` more strict Though this method was likely never meant to take user input, it was attempting sanitization. That sanitization could be bypassed with carefully crafted input. This commit makes the sanitization more robust by replacing any occurrances of \"/
*\" or \"
*/\" with \"/
*\" or \"
* /\". It also performs a first pass to remove one surrounding comment to avoid compatibility issues for users relying on the existing removal. This also clarifies in the documentation of annotate that it should not be provided user input. [CVE-2023-22794] [#]# Action View
* No changes. [#]# Action Pack
* No changes. [#]# Active Job
* No changes. [#]# Action Mailer
* No changes. [#]# Action Cable
* No changes. [#]# Active Storage
* No changes. [#]# Action Mailbox
* No changes. [#]# Action Text
* No changes. [#]# Railties
* No changes.
* Wed Jan 18 2023 Alexey Svistunov - Initial package