<feed xmlns='http://www.w3.org/2005/Atom'>
<title>pkgsrc/devel/ruby-activesupport31, branch pkgsrc_2012Q2</title>
<subtitle>[no description]</subtitle>
<id>https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2012Q2</id>
<link rel='self' href='https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2012Q2'/>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/'/>
<updated>2012-08-20T08:19:36Z</updated>
<entry>
<title>Pullup ticket #3902 - requested by taca</title>
<updated>2012-08-20T08:19:36Z</updated>
<author>
<name>sbd</name>
<email>sbd</email>
</author>
<published>2012-08-20T08:19:36Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=a3490635e097ae6187565d2964a53648159df645'/>
<id>urn:sha1:a3490635e097ae6187565d2964a53648159df645</id>
<content type='text'>
Ruby on Rails 3.1.8 security update

Revisions pulled up:
- databases/ruby-activerecord31/distinfo                        1.6
- devel/ruby-activemodel31/distinfo                             1.6
- devel/ruby-activesupport31/distinfo                           1.7
- devel/ruby-railties31/distinfo                                1.6
- lang/ruby/rails.mk                                            1.29
- mail/ruby-actionmailer31/distinfo                             1.6
- www/ruby-actionpack31/distinfo                                1.7
- www/ruby-activeresource31/distinfo                            1.6
- www/ruby-rails31/distinfo                                     1.6

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 10:32:52 UTC 2012

   Modified Files:
   	pkgsrc/lang/ruby: rails.mk

   Log Message:
   Start Ruby on Rails 3.1.8.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 10:33:18 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-activesupport31: distinfo

   Log Message:
   Update ruby-activesupport31 to 3.1.8.

   ## Rails 3.1.8 (Aug 9, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 10:33:48 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-activemodel31: distinfo

   Log Message:
   Update ruby-activemodel31 to 3.1.8.

   ## Rails 3.1.8 (Aug 9, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 10:34:38 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-actionpack31: distinfo

   Log Message:
   Update ruby-actionpack31 to 3.1.8.

   ## Rails 3.1.8 (Aug 9, 2012)

   * There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the
     helper doesn't correctly handle malformed html.  As a result an attacker can
     execute arbitrary javascript through the use of specially crafted malformed
     html.

     *Marek from Nethemba (www.nethemba.com) &amp; Santiago Pastorino*

   * When a "prompt" value is supplied to the `select_tag` helper, the
     "prompt" value is not escaped.
     If untrusted data is not escaped, and is supplied as the prompt value,
     there is a potential for XSS attacks.
     Vulnerable code will look something like this:
       select_tag("name", options, :prompt =&gt; UNTRUSTED_INPUT)

     *Santiago Pastorino*

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 10:35:20 UTC 2012

   Modified Files:
   	pkgsrc/databases/ruby-activerecord31: distinfo

   Log Message:
   Update ruby-activerecord31 to 3.1.8.

   ## Rails 3.1.8 (Aug 9, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 10:36:35 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-activeresource31: distinfo

   Log Message:
   Update ruby-activeresource31 to 3.1.8.

   ## Rails 3.1.8 (Aug 9, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 10:37:22 UTC 2012

   Modified Files:
   	pkgsrc/mail/ruby-actionmailer31: distinfo

   Log Message:
   Update ruby-actionmailer31 to 3.1.8.

   ## Rails 3.1.8 (Aug 9, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 10:37:52 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-railties31: distinfo

   Log Message:
   Update ruby-railties31 to 3.1.8.

   ## Rails 3.1.8 (Aug 9, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 10:38:45 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-rails31: distinfo

   Log Message:
   Update ruby-rails31 to 3.1.8.

   This is a meta-like package and no changes.
</content>
</entry>
<entry>
<title>Pullup ticket #3895 - requested by taca</title>
<updated>2012-08-12T14:26:14Z</updated>
<author>
<name>tron</name>
<email>tron</email>
</author>
<published>2012-08-12T14:26:14Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=b7e53eb2cbde3212707e064fd9aa4ed02bab8b9c'/>
<id>urn:sha1:b7e53eb2cbde3212707e064fd9aa4ed02bab8b9c</id>
<content type='text'>
databases/ruby-activerecord31: security update
devel/ruby-activemodel31: security update
devel/ruby-activesupport31: security update
devel/ruby-railties31: security update
mail/ruby-actionmailer31: security update
www/ruby-actionpack31: security update
www/ruby-activeresource31: security update
www/ruby-rails31: security update

Revisions pulled up:
- databases/ruby-activerecord31/distinfo                        1.5
- devel/ruby-activemodel31/distinfo                             1.5
- devel/ruby-activesupport31/distinfo                           1.6
- devel/ruby-railties31/distinfo                                1.5
- lang/ruby/rails.mk                                            1.26
- mail/ruby-actionmailer31/distinfo                             1.5
- www/ruby-actionpack31/distinfo                                1.6
- www/ruby-activeresource31/distinfo                            1.5
- www/ruby-rails31/distinfo                                     1.5

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Jul 31 12:34:39 UTC 2012

   Modified Files:
   	pkgsrc/lang/ruby: rails.mk

   Log Message:
   Start update of Ruby on Rails 3.1.7.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Jul 31 12:35:07 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-activesupport31: distinfo

   Log Message:
   Update ruby-activesupport31 to 3.1.7.

   ## Rails 3.1.7 (Jul 26, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Jul 31 12:35:47 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-activemodel31: distinfo

   Log Message:
   Update ruby-activemodel31 to 3.1.7.

   ## Rails 3.1.7 (Jul 26, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Jul 31 12:36:18 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-activeresource31: distinfo

   Log Message:
   Update ruby-activeresource31 to 3.1.7.

   ## Rails 3.1.7 (Jul 26, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Jul 31 12:36:59 UTC 2012

   Modified Files:
   	pkgsrc/databases/ruby-activerecord31: distinfo

   Log Message:
   Update ruby-activerecord31 to 3.1.7.

   ## Rails 3.1.7 (Jul 26, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Jul 31 12:38:13 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-actionpack31: distinfo

   Log Message:
   Update ruby-actionpack31 to 3.1.7.

   ## Rails 3.1.7 (Jul 26, 2012)

   * Do not convert digest auth strings to symbols. CVE-2012-3424

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Jul 31 12:38:47 UTC 2012

   Modified Files:
   	pkgsrc/mail/ruby-actionmailer31: distinfo

   Log Message:
   Update ruby-actionmailer31 to 3.1.7.

   ## Rails 3.1.7 (Jul 26, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Jul 31 12:39:16 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-railties31: distinfo

   Log Message:
   Update ruby-railties31 to 3.1.7.

   ## Rails 3.1.7 (Jul 26, 2012)

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Jul 31 12:41:23 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-rails31: distinfo

   Log Message:
   Update Update ruby-rails31 to 3.1.17.

   This is a meta-like package and no changes.
</content>
</entry>
<entry>
<title>Update ruby-activesupport31 to 3.1.6.</title>
<updated>2012-06-14T14:53:33Z</updated>
<author>
<name>taca</name>
<email>taca</email>
</author>
<published>2012-06-14T14:53:33Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=24f9b770ab21e75347cd0281ba74091fc2e4a82b'/>
<id>urn:sha1:24f9b770ab21e75347cd0281ba74091fc2e4a82b</id>
<content type='text'>
pkgsrc change: add RUBY_RAILS_STRICT_DEP which will be enabled later.

## Rails 3.1.6 (Jun 12, 2012)

*   No changes.
</content>
</entry>
<entry>
<title>Update ruby-activesupport31 to 3.1.5.</title>
<updated>2012-06-02T01:33:14Z</updated>
<author>
<name>taca</name>
<email>taca</email>
</author>
<published>2012-06-02T01:33:14Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=efc4f7a4bc8a478502d0782eaeebac98a2b7f0e2'/>
<id>urn:sha1:efc4f7a4bc8a478502d0782eaeebac98a2b7f0e2</id>
<content type='text'>
## Rails 3.1.5 (May 31, 2012) ##

*   call binmode on the tempfile for Ruby 1.8 compatibility

*   Stop SafeBuffer#clone_empty from issuing warnings

*   Use 1.9 native XML escaping to speed up html_escape and shush regexp warnings
</content>
</entry>
<entry>
<title>Update ruby-activesupport31 to 3.1.4.</title>
<updated>2012-03-18T05:36:53Z</updated>
<author>
<name>taca</name>
<email>taca</email>
</author>
<published>2012-03-18T05:36:53Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=d1cc6014ae3f85ca876a9ca1cdc941b8ad9e9245'/>
<id>urn:sha1:d1cc6014ae3f85ca876a9ca1cdc941b8ad9e9245</id>
<content type='text'>
* Tweak COMMENT.

No change except merge of CVE-2012-1099 fix.
</content>
</entry>
<entry>
<title>Add fix for CVE-2012-1098 to:</title>
<updated>2012-03-03T04:47:13Z</updated>
<author>
<name>taca</name>
<email>taca</email>
</author>
<published>2012-03-03T04:47:13Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=a5297eb886e24dd5edffef453689ca8606fbc5aa'/>
<id>urn:sha1:a5297eb886e24dd5edffef453689ca8606fbc5aa</id>
<content type='text'>
	devel/ruby-activesupport3
	devel/ruby-activesupport31
	www/ruby-actionpack3
	www/ruby-actionpack31

And bump each PKGREVISION.
</content>
</entry>
<entry>
<title>Add missing dependency to ruby-multi_json, noted by HIRAMATSU Yoshifumi</title>
<updated>2011-12-17T17:48:10Z</updated>
<author>
<name>taca</name>
<email>taca</email>
</author>
<published>2011-12-17T17:48:10Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=de09ea2a4f6ad68f27c7c60f437f0c18f0e549a3'/>
<id>urn:sha1:de09ea2a4f6ad68f27c7c60f437f0c18f0e549a3</id>
<content type='text'>
on tech-pkg-ja@.

Bump PKGREVISION.
</content>
</entry>
<entry>
<title>Importing devel/ruby-activesupport31 package version 3.1.3.</title>
<updated>2011-12-16T12:15:16Z</updated>
<author>
<name>taca</name>
<email>taca</email>
</author>
<published>2011-12-16T12:15:16Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=c4abeeb35ea09b3e56abc9a5c895bd402a9225c6'/>
<id>urn:sha1:c4abeeb35ea09b3e56abc9a5c895bd402a9225c6</id>
<content type='text'>
## Rails 3.1.1 (October 7, 2011) ##

*   ruby193: String#prepend is also unsafe *Akira Matsuda*

*   Fix obviously breakage of Time.=== for Time subclasses *jeremyevans*

*   Added fix so that file store does not raise an exception when cache dir does
    not exist yet. This can happen if a delete_matched is called before anything
    is saved in the cache. *Philippe Huibonhoa*

*   Fixed performance issue where TimeZone lookups would require tzinfo each time *Tim Lucas*

*   ActiveSupport::OrderedHash is now marked as extractable when using Array#extract_options! *Prem Sichanugrist*

## Rails 3.1.0 (August 30, 2011) ##

*   ActiveSupport::Dependencies#load and ActiveSupport::Dependencies#require now
    return the value from `super` *Aaron Patterson*

*   Fixed ActiveSupport::Gzip to work properly in Ruby 1.8 *Guillermo Iguaran*

*   Kernel.require_library_or_gem was deprecated and will be removed in Rails 3.2.0 *Josh Kalderimis*

*   ActiveSupport::Duration#duplicable? was fixed for Ruby 1.8 *thedarkone*

*   ActiveSupport::BufferedLogger set log encoding to BINARY, but still use text
    mode to output portable newlines. *fxn*

*   ActiveSupport::Dependencies now raises NameError if it finds an existing constant in load_missing_constant. This better reflects the nature of the error which is usually caused by calling constantize on a nested constant. *Andrew White*

*   Deprecated ActiveSupport::SecureRandom in favour of SecureRandom from the standard library *Jon Leighton*

*   New reporting method Kernel#quietly. *fxn*

*   Add String#inquiry as a convenience method for turning a string into a StringInquirer object *DHH*

*   Add Object#in? to test if an object is included in another object *Prem Sichanugrist, Brian Morearty, John Reitano*

*   LocalCache strategy is now a real middleware class, not an anonymous class
    posing for pictures.

*   ActiveSupport::Dependencies::ClassCache class has been introduced for
    holding references to reloadable classes.

*   ActiveSupport::Dependencies::Reference has been refactored to take direct
    advantage of the new ClassCache.

*   Backports Range#cover? as an alias for Range#include? in Ruby 1.8 *Diego Carrion, fxn*

*   Added weeks_ago and prev_week to Date/DateTime/Time. *Rob Zolkos, fxn*

*   Added before_remove_const callback to ActiveSupport::Dependencies.remove_unloadable_constants! *Andrew White*

*   JSON decoding now uses the multi_json gem which also vendors a json engine called OkJson. The yaml backend has been removed in favor of OkJson as a default engine for 1.8.x, while the built in 1.9.x json implementation will be used by default. *Josh Kalderimis*


</content>
</entry>
</feed>
