Path to this page:
Next | Query returned 4 messages, browsing 1 to 10 | previous
CVS Commit History:
2013-02-15 14:51:53 by Matthias Scheler | Files touched by this commit (6) |
Log message:
Pullup ticket #4073 - requested by taca
databases/ruby-activerecord3: security patch
devel/ruby-activemodel: security patch
Revisions pulled up:
- databases/ruby-activerecord3/Makefile 1.9
- databases/ruby-activerecord3/distinfo 1.19-1.20
- \
databases/ruby-activerecord3/patches/patch-lib_active__record_attribute__methods_write.rb \
1.1-1.2
- devel/ruby-activemodel/Makefile 1.12
- devel/ruby-activemodel/distinfo 1.19-1.20
- devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb \
1.1-1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 12 13:23:20 UTC 2013
Modified Files:
pkgsrc/databases/ruby-activerecord3: Makefile distinfo
Added Files:
pkgsrc/databases/ruby-activerecord3/patches:
patch-lib_active__record_attribute__methods_write.rb
Log message:
Add fix for Fix for CVE-2013-0277.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 13 14:08:07 UTC 2013
Modified Files:
pkgsrc/databases/ruby-activerecord3: distinfo
pkgsrc/databases/ruby-activerecord3/patches:
patch-lib_active__record_attribute__methods_write.rb
Log message:
Correct comment in a patch file.
This change dosen't fix CVE-2013-0276 but give workaround for it.
No PKGREVISION bump.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 12 15:30:42 UTC 2013
Modified Files:
pkgsrc/devel/ruby-activemodel: Makefile distinfo
Added Files:
pkgsrc/devel/ruby-activemodel/patches:
patch-lib_active__model_attribute__methods.rb
Log message:
Add fix for CVE-2013-0276.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 13 14:07:31 UTC 2013
Modified Files:
pkgsrc/devel/ruby-activemodel: distinfo
pkgsrc/devel/ruby-activemodel/patches:
patch-lib_active__model_attribute__methods.rb
Log message:
Correct comment in a patch file.
This change dosen't fix CVE-2013-0276 but give workaround for it.
No PKGREVISION bump.
|
2013-02-02 11:40:02 by Matthias Scheler | Files touched by this commit (10) | |
Log message:
Pullup ticket #4052 - requested by taca
databases/ruby-activerecord3: security update
devel/ruby-activemodel: security update
devel/ruby-activesupport3: security update
devel/ruby-railties: security update
mail/ruby-actionmailer3: security update
www/ruby-actionpack3: security update
www/ruby-activeresource3: security update
www/ruby-rails3: security update
Revisions pulled up:
- databases/ruby-activerecord3/distinfo 1.18
- devel/ruby-activemodel/distinfo 1.18
- devel/ruby-activesupport3/PLIST 1.2
- devel/ruby-activesupport3/distinfo 1.19
- devel/ruby-railties/distinfo 1.18
- lang/ruby/rails.mk 1.38
- mail/ruby-actionmailer3/distinfo 1.20
- www/ruby-actionpack3/distinfo 1.19
- www/ruby-activeresource3/distinfo 1.18
- www/ruby-rails3/distinfo 1.19
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 29 15:36:12 UTC 2013
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log message:
Start update of Ruby on Rails 3.0.20.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 29 15:37:52 UTC 2013
Modified Files:
pkgsrc/devel/ruby-activesupport3: PLIST distinfo
Log message:
Update ruby-activesupport3 to 3.0.20.
Fix CVE-2013-0333.
There is a vulnerability in the JSON code for Ruby on Rails which
allows attackers to bypass authentication systems, inject arbitrary
SQL, inject and execute arbitrary code, or perform a DoS attack on a
Rails application.
## Rails 3.0.20 (unreleased)
* Fix XML serialization of methods that return nil to not be
considered as YAML (GH #8853 and GH #492)
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 29 15:38:40 UTC 2013
Modified Files:
pkgsrc/devel/ruby-activemodel: distinfo
Log message:
Update ruby-activemodel to 3.0.20.
Fix CVE-2013-0333.
There is a vulnerability in the JSON code for Ruby on Rails which
allows attackers to bypass authentication systems, inject arbitrary
SQL, inject and execute arbitrary code, or perform a DoS attack on a
Rails application.
## Rails 3.0.20 (unreleased)
* Fix XML serialization of methods that return nil to not be
considered as YAML (GH #8853 and GH #492)
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 29 15:39:33 UTC 2013
Modified Files:
pkgsrc/www/ruby-activeresource3: distinfo
Log message:
Update ruby-activeresource3 to 3.0.20.
No change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 29 15:40:43 UTC 2013
Modified Files:
pkgsrc/databases/ruby-activerecord3: distinfo
Log message:
Update ruby-activerecord3 to 3.0.20.
No change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 29 15:41:17 UTC 2013
Modified Files:
pkgsrc/www/ruby-actionpack3: distinfo
Log message:
Update ruby-actionpack3 to 3.0.20.
No change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 29 15:41:49 UTC 2013
Modified Files:
pkgsrc/mail/ruby-actionmailer3: distinfo
Log message:
Update ruby-actionmailer3 to 3.0.20.
No change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 29 15:42:27 UTC 2013
Modified Files:
pkgsrc/devel/ruby-railties: distinfo
Log message:
Update ruby-railties to 3.0.20.
No change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 29 15:42:58 UTC 2013
Modified Files:
pkgsrc/www/ruby-rails3: distinfo
Log message:
Update ruby-rails3 to 3.0.20.
No change except version.
|
2013-01-18 15:51:11 by Matthias Scheler | Files touched by this commit (10) | |
Log message:
Pullup ticket #4023 - requested by taca
databases/ruby-activerecord3: security update
devel/ruby-activemodel: security update
devel/ruby-activesupport3: security update
devel/ruby-railties: security update
mail/ruby-actionmailer3: security update
www/ruby-actionpack3: security update
www/ruby-activeresource3: security update
www/ruby-rails3: security update
Revisions pulled up:
- databases/ruby-activerecord3/distinfo 1.17
- devel/ruby-activemodel/distinfo 1.17
- devel/ruby-activesupport3/distinfo 1.18
- devel/ruby-railties/PLIST 1.6
- devel/ruby-railties/distinfo 1.17
- lang/ruby/rails.mk 1.35
- mail/ruby-actionmailer3/distinfo 1.19
- www/ruby-actionpack3/distinfo 1.18
- www/ruby-activeresource3/distinfo 1.17
- www/ruby-rails3/distinfo 1.18
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 9 12:24:27 UTC 2013
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log message:
Start update of Ruby on Rails 3.0.19.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 9 12:25:17 UTC 2013
Modified Files:
pkgsrc/devel/ruby-activesupport3: distinfo
Log message:
Update ruby-activesupport3 to 3.0.19.
## Rails 3.0.19 (Jan 8, 2012) ##
* Hash.from_xml raises when it encounters type="symbol" or \
type="yaml".
Use Hash.from_trusted_xml to parse this XML.
CVE-2013-0156
*Jeremy Kemper*
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 9 12:26:20 UTC 2013
Modified Files:
pkgsrc/devel/ruby-activemodel: distinfo
Log message:
Update ruby-activemodel to 3.0.19.
Only version has updated.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 9 12:27:13 UTC 2013
Modified Files:
pkgsrc/www/ruby-activeresource3: distinfo
Log message:
Update ruby-activeresource3 to 3.0.19.
Only version has updated.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 9 12:28:04 UTC 2013
Modified Files:
pkgsrc/www/ruby-actionpack3: distinfo
Log message:
Update ruby-actionpack3 to 3.0.19.
## Rails 3.0.19
* Strip nils from collections on JSON and XML posts. [CVE-2013-0155]
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 9 12:28:50 UTC 2013
Modified Files:
pkgsrc/databases/ruby-activerecord3: distinfo
Log message:
Update ruby-activerecord3 to 3.0.19.
## Rails 3.0.19
* Fix querying with an empty hash *Damien Mathieu* [CVE-2013-0155]
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 9 12:29:19 UTC 2013
Modified Files:
pkgsrc/mail/ruby-actionmailer3: distinfo
Log message:
Update ruby-actionmailer3 to 3.0.19.
Only version has updated.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 9 12:29:40 UTC 2013
Modified Files:
pkgsrc/devel/ruby-railties: PLIST distinfo
Log message:
Update ruby-railties to 3.0.19.
Only version has updated.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 9 12:30:06 UTC 2013
Modified Files:
pkgsrc/www/ruby-rails3: distinfo
Log message:
Update ruby-rails3 to 3.0.19.
Only version has updated.
|
2013-01-18 13:18:33 by Matthias Scheler | Files touched by this commit (9) | |
Log message:
Pullup ticket #4019 - requested by taca
databases/ruby-activerecord3: security update
devel/ruby-activemodel: security update
devel/ruby-activesupport3: security update
devel/ruby-railties: security update
mail/ruby-actionmailer3: security update
www/ruby-actionpack3: security update
www/ruby-activeresource3: security update
www/ruby-rails3: security update
Revisions pulled up:
- databases/ruby-activerecord3/distinfo 1.16
- devel/ruby-activemodel/distinfo 1.16
- devel/ruby-activesupport3/distinfo 1.17
- devel/ruby-railties/distinfo 1.16
- lang/ruby/rails.mk 1.32
- mail/ruby-actionmailer3/distinfo 1.18
- www/ruby-actionpack3/distinfo 1.17
- www/ruby-activeresource3/distinfo 1.16
- www/ruby-rails3/distinfo 1.17
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 5 13:30:33 UTC 2013
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log message:
Start update of Ruby on Rails 3.0.18.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 5 13:32:15 UTC 2013
Modified Files:
pkgsrc/devel/ruby-activesupport3: distinfo
Log message:
Update ruby-activesupport3 to 3.0.18.
Only version has updated.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 5 13:34:18 UTC 2013
Modified Files:
pkgsrc/devel/ruby-activemodel: distinfo
Log message:
Update ruby-activemodel to 3.0.18.
Only version has updated.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 5 13:35:08 UTC 2013
Modified Files:
pkgsrc/www/ruby-activeresource3: distinfo
Log message:
Update ruby-activeresource3 to 3.0.18.
Only version has updated.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 5 13:36:01 UTC 2013
Modified Files:
pkgsrc/www/ruby-actionpack3: distinfo
Log message:
Update ruby-actionpack3 to 3.0.18.
Only version has updated.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 5 13:36:46 UTC 2013
Modified Files:
pkgsrc/databases/ruby-activerecord3: distinfo
Log message:
Update ruby-activerecord3 to 3.0.18.
## Rails 3.0.18
* CVE-2012-5664 ensure that options are never taken from the first parameter.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 5 13:41:42 UTC 2013
Modified Files:
pkgsrc/mail/ruby-actionmailer3: distinfo
Log message:
Update ruby-actionmailer3 to 3.0.18.
Only version has updated.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 5 13:43:15 UTC 2013
Modified Files:
pkgsrc/devel/ruby-railties: distinfo
Log message:
Update ruby-railties to 3.0.18.
Only version has updated.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 5 13:43:39 UTC 2013
Modified Files:
pkgsrc/www/ruby-rails3: distinfo
Log message:
Update ruby-rails3 to 3.0.18.
Only version has updated.
|
Next | Query returned 4 messages, browsing 1 to 10 | previous