[ol7_software_collections] ruby193-rubygem-actionpack-doc-1:3.2.8-13.el7.noarch

Documentation for rubygem-actionpack

Changelog (Show File list) (Show related packages)

• Wed May 14 2014 Vít Ondruch <vondruch@redhat.com> - 1:3.2.8-13

  - Fixes for CVE-2014-0130
    - Resolves: rhbz#1096086

• Thu Feb 20 2014 Josef Stribny <jstribny@redhat.com> - 1:3.2.8-11

  - Fix for  CVE-2014-0082
    - Resolves: rhbz#1065891

• Tue Feb 18 2014 Josef Stribny <jstribny@redhat.com> - 1:3.2.8-10

  - Fix for CVE-2014-0081
    - Resolves: rhbz#1065891

• Mon Feb 17 2014 Josef Stribny <jstribny@redhat.com> - 1:3.2.8-9

  - Depend on scldevel(v8) virtual provide
    - Resolves: rhbz#1065887

• Tue Feb 11 2014 Vít Ondruch <vondruch@redhat.com> - 1:3.2.8-8

  - Fix regression introduced by CVE-2013-6415.
    - Resolves: rhbz#1038194

• Tue Dec 03 2013 Vít Ondruch <vondruch@redhat.com> - 1:3.2.8-7

  - Fix i18n missing translation XSS.
    * rubygem-actionpack-3.2.16-CVE-2013-4491-Stop-using-i18ns-built-in-HTML-error-handling.patch
    - Resolves: CVE-2013-4491
  - Fix Action View DoS.
    * rubygem-actionpack-3.2.16-CVE-2013-6414-Only-use-valid-mime-type-symbols-as-cache-keys.patch
    - Resolves: CVE-2013-6414
  - Fix number_to_currency XSS.
    * rubygem-actionpack-3.2.16-CVE-2013-6415-Escape-the-unit-value-provided-to-number_to_currency.patch
    - Resolves: CVE-2013-6415
  - Fix unsafe query generation risk in Ruby on Rails (incomplete fix for
    CVE-2013-0155) (CVE-2013-6417).
    * rubygem-actionpack-3.2.16-CVE-2013-6417-Deep-Munge-the-parameters-for-GET-and-POST.patch
    - Resolves: CVE-2013-6417

• Thu Nov 28 2013 Vít Ondruch <vondruch@redhat.com> - 1:3.2.8-6

  - Build against v8314 SCL.

• Mon Mar 18 2013 Vít Ondruch <vondruch@redhat.com> - 1:3.2.8-5

  - Updated patch for CVE-2013-1857 by upstream.

• Fri Mar 15 2013 Vít Ondruch <vondruch@redhat.com> - 1:3.2.8-4

  - Fix for CVE-2013-1855 and CVE-2013-1857.

• Mon Jan 14 2013 Bohuslav Kabrda <bkabrda@redhat.com> - 1:3.2.8-3

  - Fix for CVE-2013-0155.