diff options
author | sbd <sbd@pkgsrc.org> | 2012-08-20 07:54:04 +0000 |
---|---|---|
committer | sbd <sbd@pkgsrc.org> | 2012-08-20 07:54:04 +0000 |
commit | e14b70ae3eaf3696667cf04eb4403a0b5d93ed84 (patch) | |
tree | bc250148cb0522a5ebb63aeae9e08794df765004 /www/ruby-activeresource3/distinfo | |
parent | a20de1b81b5769e70b39fd3d87c86d3b81011b1c (diff) | |
download | pkgsrc-e14b70ae3eaf3696667cf04eb4403a0b5d93ed84.tar.gz |
Pullup ticket #3903 - requested by taca
Ruby on Rails 3.0.17 security update.
Revisions pulled up:
- databases/ruby-activerecord3/distinfo 1.15
- devel/ruby-activemodel/distinfo 1.15
- devel/ruby-activesupport3/distinfo 1.16
- devel/ruby-railties/distinfo 1.15
- lang/ruby/rails.mk 1.28
- mail/ruby-actionmailer3/distinfo 1.17
- www/ruby-actionpack3/distinfo 1.16
- www/ruby-activeresource3/distinfo 1.15
- www/ruby-rails3/distinfo 1.16
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:44:22 UTC 2012
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log Message:
Start update of Ruby on Rails 3.0.17.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:44:58 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activesupport3: distinfo
Log Message:
Update ruby-activesupport3 to 3.0.17.
## Rails 3.0.17 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:45:45 UTC 2012
Modified Files:
pkgsrc/devel/ruby-activemodel: distinfo
Log Message:
Update ruby-activemodel to 3.0.17.
## Rails 3.0.17 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:46:45 UTC 2012
Modified Files:
pkgsrc/www/ruby-actionpack3: distinfo
Log Message:
Update ruby-actionpack3 to 3.0.17
## Rails 3.0.17 (Aug 9, 2012)
* There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the
helper doesn't correctly handle malformed html. As a result an attacker can
execute arbitrary javascript through the use of specially crafted malformed
html.
*Marek from Nethemba (www.nethemba.com) & Santiago Pastorino*
* When a "prompt" value is supplied to the `select_tag` helper, the "prompt"
value is not escaped. If untrusted data is not escaped, and is supplied as
the prompt value, there is a potential for XSS attacks.
Vulnerable code will look something like this:
select_tag("name", options, :prompt => UNTRUSTED_INPUT)
*Santiago Pastorino*
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:47:45 UTC 2012
Modified Files:
pkgsrc/databases/ruby-activerecord3: distinfo
Log Message:
Update ruby-activerecord3 to 3.0.17.
## Rails 3.0.17 (Aug 9, 2012)
* Fix type_to_sql with text and limit on mysql/mysql2 (GH #7252)
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:48:26 UTC 2012
Modified Files:
pkgsrc/mail/ruby-actionmailer3: distinfo
Log Message:
Update ruby-actionmailer3 to 3.0.17.
## Rails 3.0.17 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:49:01 UTC 2012
Modified Files:
pkgsrc/devel/ruby-railties: distinfo
Log Message:
Update ruby-railties to 3.0.17.
## Rails 3.0.17 (Aug 9, 2012)
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 12 09:50:41 UTC 2012
Modified Files:
pkgsrc/www/ruby-rails3: distinfo
Log Message:
Update ruby-rails3 to 3.0.17.
This is a meta-like package and no changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Aug 15 15:58:23 UTC 2012
Modified Files:
pkgsrc/www/ruby-activeresource3: distinfo
Log Message:
Oops, missed from commit for ruby-activeresource3.
Diffstat (limited to 'www/ruby-activeresource3/distinfo')
-rw-r--r-- | www/ruby-activeresource3/distinfo | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/www/ruby-activeresource3/distinfo b/www/ruby-activeresource3/distinfo index bec8dd65a15..5bd9a09c71d 100644 --- a/www/ruby-activeresource3/distinfo +++ b/www/ruby-activeresource3/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.13.2.1 2012/08/12 14:06:58 tron Exp $ +$NetBSD: distinfo,v 1.13.2.2 2012/08/20 07:54:05 sbd Exp $ -SHA1 (activeresource-3.0.16.gem) = fcb3d3135079b42999874003fbdbb16abd3194c8 -RMD160 (activeresource-3.0.16.gem) = 78d84a7d96242c94167f16253d7cf8670304bef2 -Size (activeresource-3.0.16.gem) = 34816 bytes +SHA1 (activeresource-3.0.17.gem) = 56069051b02328f501c03611cf93cbf3bdd47dc2 +RMD160 (activeresource-3.0.17.gem) = fb0efc6b1bde89e69853c1e4d9663bdcf4bde5bf +Size (activeresource-3.0.17.gem) = 34816 bytes |