Pullup ticket #3904 - requested by taca

Ruby on Rails 3.2.8 security update

Revisions pulled up:
- databases/ruby-activerecord32/distinfo                        1.6
- devel/ruby-activemodel32/distinfo                             1.6
- devel/ruby-activesupport32/distinfo                           1.6
- devel/ruby-railties32/distinfo                                1.6
- lang/ruby/rails.mk                                            1.30
- mail/ruby-actionmailer32/distinfo                             1.6
- www/ruby-actionpack32/distinfo                                1.6
- www/ruby-activeresource32/distinfo                            1.6
- www/ruby-rails32/distinfo                                     1.6

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 12:37:06 UTC 2012

   Modified Files:
   	pkgsrc/lang/ruby: rails.mk

   Log Message:
   Start update of Ruby on Rails 3.2.8.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 12:38:09 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-activesupport32: distinfo

   Log Message:
   Update ruby-activesupport32 to 3.2.8.

   ## Rails 3.2.8 (Aug 9, 2012) ##

   * Fix ActiveSupport integration with Mocha > 0.12.1. *Mike Gunderloy*

   * Reverted the deprecation of ActiveSupport::JSON::Variable.
     *Rafael Mendonça França*

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 12:38:41 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-activemodel32: distinfo

   Log Message:
   Update ruby-activemodel32 to 3.2.8.

   ## Rails 3.2.8 (Aug 9, 2012) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 12:40:00 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-actionpack32: distinfo

   Log Message:
   Update ruby-actionpack32 to 3.2.8.

   ## Rails 3.2.8 (Aug 9, 2012) ##

   * There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the
     helper doesn't correctly handle malformed html.  As a result an attacker can
     execute arbitrary javascript through the use of specially crafted malformed
     html.

     *Marek from Nethemba (www.nethemba.com) & Santiago Pastorino*

   * When a "prompt" value is supplied to the `select_tag` helper, the "prompt"
     value is not escaped.
     If untrusted data is not escaped, and is supplied as the prompt value, there
     is a potential for XSS attacks.
     Vulnerable code will look something like this:

       select_tag("name", options, :prompt => UNTRUSTED_INPUT)

     *Santiago Pastorino*

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 12:41:02 UTC 2012

   Modified Files:
   	pkgsrc/databases/ruby-activerecord32: distinfo

   Log Message:
   Update ruby-activerecord32 to 3.2.8.

   ## Rails 3.2.8 (Aug 9, 2012) ##

   * Do not consider the numeric attribute as changed if the old value is zero
     and the new value is not a string.
     Fixes #7237.

     *Rafael Mendonça França*

   * Removes the deprecation of `update_attribute`. *fxn*

   * Reverted the deprecation of `composed_of`. *Rafael Mendonça França*

   * Reverted the deprecation of `*_sql` association options. They will be
     deprecated in 4.0 instead. *Jon Leighton*

   * Do not eager load AR session store. ActiveRecord::SessionStore depends on
     the abstract store in Action Pack. Eager loading this class would break
     client code that eager loads Active Record standalone.
     Fixes #7160

     *Xavier Noria*

   * Do not set RAILS_ENV to "development" when using `db:test:prepare` and
     related rake tasks.
     This was causing the truncation of the development database data when using
     RSpec.

     Fixes #7175.

     *Rafael Mendonça França*

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 12:41:37 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-activeresource32: distinfo

   Log Message:
   Update ruby-activeresource32 to 3.2.8.

   ## Rails 3.2.8 (Aug 9, 2012) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 12:42:14 UTC 2012

   Modified Files:
   	pkgsrc/mail/ruby-actionmailer32: distinfo

   Log Message:
   Update ruby-actionmailer32 to 3.2.8.

   ## Rails 3.2.8 (Aug 9, 2012) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 12:43:08 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-railties32: distinfo

   Log Message:
   Update ruby-railties32 to 3.2.8.

   ## Rails 3.2.8 (Aug 9, 2012) ##

   * ERB scaffold generator use the `:data => { :confirm => "Text" }` syntax
     instead of `:confirm`.

     *Rafael Mendonça França*

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 12:44:30 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-rails32: distinfo

   Log Message:
   Update ruby-rails32 to 3.2.8.

   This is a meta-like package and no changes.

9 files changed, 34 insertions, 34 deletions

diff --git a/databases/ruby-activerecord32/distinfo b/databases/ruby-activerecord32/distinfo
index d68f14647e5..4a8ef259d66 100644
--- a/databases/ruby-activerecord32/distinfo
+++ b/databases/ruby-activerecord32/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4.2.1 2012/08/12 14:48:59 tron Exp $
+$NetBSD: distinfo,v 1.4.2.2 2012/08/20 08:22:28 sbd Exp $
 
-SHA1 (activerecord-3.2.7.gem) = ae860da2fb04cbfb113a061697299c4b28c3c167
-RMD160 (activerecord-3.2.7.gem) = 1dc8e6db98311e25daea27253e4480a53e89c783
-Size (activerecord-3.2.7.gem) = 389632 bytes
+SHA1 (activerecord-3.2.8.gem) = 96e876f625b98915d2b1994c06ea057bf7dd23b8
+RMD160 (activerecord-3.2.8.gem) = 7723cf1946bf7aad0d901356a9a2e7e8d56e2206
+Size (activerecord-3.2.8.gem) = 390144 bytes
diff --git a/devel/ruby-activemodel32/distinfo b/devel/ruby-activemodel32/distinfo
index 98980e5dee3..dcca60f3c08 100644
--- a/devel/ruby-activemodel32/distinfo
+++ b/devel/ruby-activemodel32/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4.2.1 2012/08/12 14:48:59 tron Exp $
+$NetBSD: distinfo,v 1.4.2.2 2012/08/20 08:22:28 sbd Exp $
 
-SHA1 (activemodel-3.2.7.gem) = 4a7869365532fc6ed4d56a5685e72e4dded0f973
-RMD160 (activemodel-3.2.7.gem) = 34dd205a2fec44e6ea0c41f6e49540f2b25e3a74
-Size (activemodel-3.2.7.gem) = 45056 bytes
+SHA1 (activemodel-3.2.8.gem) = df7fb9febe248201fd1ad741a2044324f4c90cc9
+RMD160 (activemodel-3.2.8.gem) = 58e9b415f17723f4933a46317d30dd5849a0400c
+Size (activemodel-3.2.8.gem) = 45056 bytes
diff --git a/devel/ruby-activesupport32/distinfo b/devel/ruby-activesupport32/distinfo
index dd237cc35fe..bc08fa7d043 100644
--- a/devel/ruby-activesupport32/distinfo
+++ b/devel/ruby-activesupport32/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4.2.1 2012/08/12 14:48:59 tron Exp $
+$NetBSD: distinfo,v 1.4.2.2 2012/08/20 08:22:28 sbd Exp $
 
-SHA1 (activesupport-3.2.7.gem) = 733554cdc1d3828a3c19eee77f6aa05aeb24b661
-RMD160 (activesupport-3.2.7.gem) = 92d63940e216948d62e20241c1b8ccf1b6ee8941
-Size (activesupport-3.2.7.gem) = 314880 bytes
+SHA1 (activesupport-3.2.8.gem) = e5136f556b62343425cc147a8990bd043430354d
+RMD160 (activesupport-3.2.8.gem) = 1f2d50966498012f6507061f61f11b07511a646a
+Size (activesupport-3.2.8.gem) = 314880 bytes
diff --git a/devel/ruby-railties32/distinfo b/devel/ruby-railties32/distinfo
index 47db0f336d5..07f52fe5167 100644
--- a/devel/ruby-railties32/distinfo
+++ b/devel/ruby-railties32/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4.2.1 2012/08/12 14:48:59 tron Exp $
+$NetBSD: distinfo,v 1.4.2.2 2012/08/20 08:22:29 sbd Exp $
 
-SHA1 (railties-3.2.7.gem) = 7063fb19f6a81c1f0096451988be1bab7e8d11a7
-RMD160 (railties-3.2.7.gem) = 08fb8142515ea4ff8d3db200fc5bbd9963b76e44
-Size (railties-3.2.7.gem) = 1629696 bytes
+SHA1 (railties-3.2.8.gem) = e44accc5d057866087856a521398250fe082b70b
+RMD160 (railties-3.2.8.gem) = b3bbe9e047c9d3cad947088a2af0880fe27e74c5
+Size (railties-3.2.8.gem) = 1630208 bytes
diff --git a/lang/ruby/rails.mk b/lang/ruby/rails.mk
index 6256d9defab..a3a938542db 100644
--- a/lang/ruby/rails.mk
+++ b/lang/ruby/rails.mk
@@ -1,4 +1,4 @@
-# $NetBSD: rails.mk,v 1.24.2.5 2012/08/20 08:19:36 sbd Exp $
+# $NetBSD: rails.mk,v 1.24.2.6 2012/08/20 08:22:29 sbd Exp $
 
 .if !defined(_RUBY_RAILS_MK)
 _RUBY_RAILS_MK=	# defined
@@ -40,7 +40,7 @@ _RUBY_RAILS_MK=	# defined
 #
 RUBY_RAILS3_VERSION?=	3.0.17
 RUBY_RAILS31_VERSION?=	3.1.8
-RUBY_RAILS32_VERSION?=	3.2.7
+RUBY_RAILS32_VERSION?=	3.2.8
 
 RUBY_RAILS_SUPPORTED?=	# defined
 RUBY_RAILS_DEFAULT?=	32
diff --git a/mail/ruby-actionmailer32/distinfo b/mail/ruby-actionmailer32/distinfo
index 78493e0cb35..9568cf55bfd 100644
--- a/mail/ruby-actionmailer32/distinfo
+++ b/mail/ruby-actionmailer32/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4.2.1 2012/08/12 14:49:00 tron Exp $
+$NetBSD: distinfo,v 1.4.2.2 2012/08/20 08:22:29 sbd Exp $
 
-SHA1 (actionmailer-3.2.7.gem) = 13abdbbfd47c9df1aaaa871d28df7314b63fc51f
-RMD160 (actionmailer-3.2.7.gem) = 2dce8d0d298f8496e9ce9faaa0bde61586e3bfbb
-Size (actionmailer-3.2.7.gem) = 27136 bytes
+SHA1 (actionmailer-3.2.8.gem) = 20525face84f3cdc8b0fc039e0f75ec4963e3677
+RMD160 (actionmailer-3.2.8.gem) = 82d3c28dc08118f3faee1838c548fd028c180eee
+Size (actionmailer-3.2.8.gem) = 27136 bytes
diff --git a/www/ruby-actionpack32/distinfo b/www/ruby-actionpack32/distinfo
index c2c15d71e9d..a1ba320e96b 100644
--- a/www/ruby-actionpack32/distinfo
+++ b/www/ruby-actionpack32/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4.2.1 2012/08/12 14:49:00 tron Exp $
+$NetBSD: distinfo,v 1.4.2.2 2012/08/20 08:22:29 sbd Exp $
 
-SHA1 (actionpack-3.2.7.gem) = 8a9d298a5ba4a88fb3c412c31a99f356572c77fd
-RMD160 (actionpack-3.2.7.gem) = 93e2d53b8c5a64f6e7ef5a803c0605bbe1c8f9fc
-Size (actionpack-3.2.7.gem) = 379392 bytes
+SHA1 (actionpack-3.2.8.gem) = ccc63cc2fcb3131b92d45cf5834aa629857d7258
+RMD160 (actionpack-3.2.8.gem) = ec71996e73831ea346d8e060234a7f7a73881908
+Size (actionpack-3.2.8.gem) = 379392 bytes
diff --git a/www/ruby-activeresource32/distinfo b/www/ruby-activeresource32/distinfo
index 31cf04cb676..b162919c874 100644
--- a/www/ruby-activeresource32/distinfo
+++ b/www/ruby-activeresource32/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4.2.1 2012/08/12 14:49:00 tron Exp $
+$NetBSD: distinfo,v 1.4.2.2 2012/08/20 08:22:29 sbd Exp $
 
-SHA1 (activeresource-3.2.7.gem) = c2294e38b0844043fad0b1a85fc061380b776d25
-RMD160 (activeresource-3.2.7.gem) = c45139eea8a9269db10283c32a5beae2d444b89a
-Size (activeresource-3.2.7.gem) = 36864 bytes
+SHA1 (activeresource-3.2.8.gem) = 195e1e4653e6e06f469ea20e181727ef9d940ee7
+RMD160 (activeresource-3.2.8.gem) = 81f28e05ebcdcd7d66535311e6053384011d5689
+Size (activeresource-3.2.8.gem) = 36864 bytes
diff --git a/www/ruby-rails32/distinfo b/www/ruby-rails32/distinfo
index aa2c9907d8e..556dc1feb62 100644
--- a/www/ruby-rails32/distinfo
+++ b/www/ruby-rails32/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4.2.1 2012/08/12 14:49:00 tron Exp $
+$NetBSD: distinfo,v 1.4.2.2 2012/08/20 08:22:29 sbd Exp $
 
-SHA1 (rails-3.2.7.gem) = 895df62aadf491eec5e4c9c19de0451f0072c7e0
-RMD160 (rails-3.2.7.gem) = f9ad62c4da8403f4366b4219d6ce318e96b25c46
-Size (rails-3.2.7.gem) = 3584 bytes
+SHA1 (rails-3.2.8.gem) = 35581ffc256d73d217537170b0e116cf4545752e
+RMD160 (rails-3.2.8.gem) = 13ea8d5b1a69d93068b18471329c0afbc3460558
+Size (rails-3.2.8.gem) = 3584 bytes