Pullup ticket #3903 - requested by taca

Ruby on Rails 3.0.17 security update.

Revisions pulled up:
- databases/ruby-activerecord3/distinfo                         1.15
- devel/ruby-activemodel/distinfo                               1.15
- devel/ruby-activesupport3/distinfo                            1.16
- devel/ruby-railties/distinfo                                  1.15
- lang/ruby/rails.mk                                            1.28
- mail/ruby-actionmailer3/distinfo                              1.17
- www/ruby-actionpack3/distinfo                                 1.16
- www/ruby-activeresource3/distinfo                             1.15
- www/ruby-rails3/distinfo                                      1.16

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 09:44:22 UTC 2012

   Modified Files:
   	pkgsrc/lang/ruby: rails.mk

   Log Message:
   Start update of Ruby on Rails 3.0.17.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 09:44:58 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-activesupport3: distinfo

   Log Message:
   Update ruby-activesupport3 to 3.0.17.

   ## Rails 3.0.17 (Aug 9, 2012)

   * No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 09:45:45 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-activemodel: distinfo

   Log Message:
   Update ruby-activemodel to 3.0.17.

   ## Rails 3.0.17 (Aug 9, 2012)

   * No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 09:46:45 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-actionpack3: distinfo

   Log Message:
   Update ruby-actionpack3 to 3.0.17

   ## Rails 3.0.17 (Aug 9, 2012)

   * There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the
     helper doesn't correctly handle malformed html.  As a result an attacker can
     execute arbitrary javascript through the use of specially crafted malformed
     html.

     *Marek from Nethemba (www.nethemba.com) & Santiago Pastorino*

   * When a "prompt" value is supplied to the `select_tag` helper, the "prompt"
     value is not escaped.  If untrusted data is not escaped, and is supplied as
     the prompt value, there is a potential for XSS attacks.
     Vulnerable code will look something like this:
       select_tag("name", options, :prompt => UNTRUSTED_INPUT)

     *Santiago Pastorino*

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 09:47:45 UTC 2012

   Modified Files:
   	pkgsrc/databases/ruby-activerecord3: distinfo

   Log Message:
   Update ruby-activerecord3 to 3.0.17.

   ## Rails 3.0.17 (Aug 9, 2012)

   * Fix type_to_sql with text and limit on mysql/mysql2 (GH #7252)

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 09:48:26 UTC 2012

   Modified Files:
   	pkgsrc/mail/ruby-actionmailer3: distinfo

   Log Message:
   Update ruby-actionmailer3 to 3.0.17.

   ## Rails 3.0.17 (Aug 9, 2012)

   * No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 09:49:01 UTC 2012

   Modified Files:
   	pkgsrc/devel/ruby-railties: distinfo

   Log Message:
   Update ruby-railties to 3.0.17.

   ## Rails 3.0.17 (Aug 9, 2012)

   * No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Aug 12 09:50:41 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-rails3: distinfo

   Log Message:
   Update ruby-rails3 to 3.0.17.

   This is a meta-like package and no changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Aug 15 15:58:23 UTC 2012

   Modified Files:
   	pkgsrc/www/ruby-activeresource3: distinfo

   Log Message:
   Oops, missed from commit for ruby-activeresource3.

1 files changed, 4 insertions, 4 deletions

diff --git a/www/ruby-activeresource3/distinfo b/www/ruby-activeresource3/distinfo
index bec8dd65a15..5bd9a09c71d 100644
--- a/www/ruby-activeresource3/distinfo
+++ b/www/ruby-activeresource3/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.13.2.1 2012/08/12 14:06:58 tron Exp $
+$NetBSD: distinfo,v 1.13.2.2 2012/08/20 07:54:05 sbd Exp $
 
-SHA1 (activeresource-3.0.16.gem) = fcb3d3135079b42999874003fbdbb16abd3194c8
-RMD160 (activeresource-3.0.16.gem) = 78d84a7d96242c94167f16253d7cf8670304bef2
-Size (activeresource-3.0.16.gem) = 34816 bytes
+SHA1 (activeresource-3.0.17.gem) = 56069051b02328f501c03611cf93cbf3bdd47dc2
+RMD160 (activeresource-3.0.17.gem) = fb0efc6b1bde89e69853c1e4d9663bdcf4bde5bf
+Size (activeresource-3.0.17.gem) = 34816 bytes