Navigation:
Browse pkgsrc
(this page) 2024-10-27 15:35:27 by Takahiro Kambe | Files touched by this commit (14) |  |
Log message: www/ruby-rails71: update to 7.1.4.2 Security fix of ruby-action-mailer70. Other packages have no change except their version. 7.1.4.2 (2024-10-23) Action Mailer * Fix NoMethodError in block_format helper [Michael Leimstaedtner] |
| 2024-10-21 17:07:30 by Takahiro Kambe | Files touched by this commit (14) | |
Log message: www/ruby-rails71: update to 7.1.4.1 Update Ruby on Rails 7.1 to 7.1.4.1. Active Support * No changes. Active Model * No changes. Active Record * No changes. Action View * No changes. Action Pack * Avoid regex backtracking in HTTP Token authentication [CVE-2024-47887] * Avoid regex backtracking in query parameter filtering [CVE-2024-41128] Active Job * No changes. Action Mailer * Avoid regex backtracking in block_format helper [CVE-2024-47889] Action Cable * No changes. Active Storage * No changes. Action Mailbox * No changes. Action Text * Avoid backtracing in plain_text_for_blockquote_node [CVE-2024-47888] Railties * No changes. |
| 2024-06-05 18:44:18 by Takahiro Kambe | Files touched by this commit (14) | |
Log message:
www/ruby-rails71: update to 7.1.3.4
Security fix for CVE-2024-32464 (textproc/ruby-actiontext70) and
CVE-2024-28103 (www/ruby-actionpack61 package).
Ruby on Rails 7.1.3.4 (2024-06-04)
Action Text
* Sanitize ActionText HTML ContentAttachment in Trix edit view
[CVE-2024-32464]
Action Pack
* Include the HTTP Permissions-Policy on non-HTML Content-Types
[CVE-2024-28103]
|
| 2024-02-24 15:55:27 by Takahiro Kambe | Files touched by this commit (15) | |
Log message: www/ruby-rails71: update to 7.1.3.2 Update Ruby on Rails 7.1 and related pacakges to 7.1.3.2 This includes security fix: CVE-2024-26142 for www/ruby-actionpack71 CVE-2024-26143 for www/ruby-actionpack71 Action Pack * Fix possible XSS vulnerability with the translate method in controllers CVE-2024-26143 * Fix ReDoS in Accept header parsing CVE-2024-26142 |
| 2024-02-04 16:10:56 by Takahiro Kambe | Files touched by this commit (1) | |
Log message: devel/ruby-activejob71: update to 7.1.3 Active Job (2024-01-16) * Do not trigger immediate loading of ActiveJob::Base when loading ActiveJob::TestHelper. [Maxime Réty] * Preserve the serialized timezone when deserializing ActiveSupport::TimeWithZone arguments. [Joshua Young] * Fix ActiveJob arguments serialization to correctly serialize String subclasses having custom serializers. [fatkodima] |
| 2023-11-30 16:17:21 by Takahiro Kambe | Files touched by this commit (5) |
Log message: devel/ruby-activejob71: add version 7.1.2 Active Job - Make work happen later Active Job is a framework for declaring jobs and making them run on a variety of queuing backends. These jobs can be everything from regularly scheduled clean-ups, to billing charges, to mailings -- anything that can be chopped up into small units of work and run in parallel. It also serves as the backend for Action Mailer's #deliver_later functionality that makes it easy to turn any mailing into a job for running later. That's one of the most common jobs in a modern web application: sending emails outside the request-response cycle, so the user doesn't have to wait on it. The main point is to ensure that all Rails apps will have a job infrastructure in place, even if it's in the form of an "immediate runner". We can then have framework features and other gems build on top of that, without having to worry about API differences between Delayed Job and Resque. Picking your queuing backend becomes more of an operational concern, then. And you'll be able to switch between them without having to rewrite your jobs. This is for Ruby on Rails 7.1. |
New packages: