Path to this page:
Subject: CVS commit: pkgsrc/devel/ruby-activesupport
From: Takahiro Kambe
Date: 2011-08-17 16:12:03
Message id: 20110817141203.70E24175DD@cvs.netbsd.org
Log Message:
Update ruby-activesupport package to 2.3.14.
2.3.14:
Security fix with Ruby 1.8.x not affected Ruby 1.9.x:
Ruby on Rails has provided a high performance replacement for
ERB::Util.h since version 2.0.0. Due to a bug in the Ruby 1.8 Regular
Expression code this replacement version will fail to escape certain
malformed unicode strings. This malformed output will then be
interpreted as HTML by some browsers on some operating systems.
Files: