Subject: CVS commit: pkgsrc/devel/ruby-activesupport3
From: Takahiro Kambe
Date: 2013-01-29 16:37:52
Message id: 20130129153752.A409F175DD@cvs.netbsd.org

Log Message:
Update ruby-activesupport3 to 3.0.20.

Fix CVE-2013-0333.

There is a vulnerability in the JSON  code for Ruby on Rails which
allows attackers to bypass authentication systems, inject arbitrary
SQL, inject and execute arbitrary code, or perform a DoS attack on a
Rails application.

## Rails 3.0.20 (unreleased)

* Fix XML serialization of methods that return nil to not be
  considered as YAML (GH #8853 and GH #492)

Files:
RevisionActionfile
1.2modifypkgsrc/devel/ruby-activesupport3/PLIST
1.19modifypkgsrc/devel/ruby-activesupport3/distinfo