Navigation:
Browse pkgsrc
(this page)
databases ruby-act..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2024-10-27 15:29:40 by Takahiro Kambe | Files touched by this commit (14) |  |
Log message: www/ruby-rails61: update to 6.1.7.10 Security fix of ruby-action-mailer61. Other packages have no change except their version. Action Mailer * Fix NoMethodError in block_format helper [Michael Leimstaedtner] |
| 2024-10-21 16:58:58 by Takahiro Kambe | Files touched by this commit (14) | |
Log message: www/ruby-rails61: update to 6.1.7.9 Update Ruby on Rails 6.1 to 6.1.7.9. Active Support * No changes. Active Model * No changes. Active Record * No changes. Action View * No changes. Action Pack * Avoid regex backtracking in HTTP Token authentication [CVE-2024-47887] * Avoid regex backtracking in query parameter filtering [CVE-2024-41128] Active Job * No changes. Action Mailer * Avoid regex backtracking in block_format helper [CVE-2024-47889] Action Cable * No changes. Active Storage * No changes. Action Mailbox * No changes. Action Text * Avoid backtracing in plain_text_for_blockquote_node [CVE-2024-47888] Railties * No changes. |
| 2024-06-05 18:21:36 by Takahiro Kambe | Files touched by this commit (14) | |
Log message:
www/ruby-rails61: update to 6.1.7.8
Security fix for CVE-2024-28103 (www/ruby-actionpack61 package).
Ruby on Rails 6.1.7.8 (2024-06-04)
Action Pack
* Include the HTTP Permissions-Policy on non-HTML Content-Types
[CVE-2024-28103]
|
| 2024-02-24 15:42:41 by Takahiro Kambe | Files touched by this commit (17) | |
Log message: www/rails61: update to 6.1.7.7 Update rails61 and related pacakges to 6.1.7.7 This includes security fix for CVE-2024-26144, devel/ruby-activestorage61. Active Storage * Disables the session in ActiveStorage::Blobs::ProxyController and ActiveStorage::Representations::ProxyController in order to allow caching by default in some CDNs as CloudFlare Fixes #44136 Bruno Prieto |
| 2023-08-26 17:23:29 by Takahiro Kambe | Files touched by this commit (14) | |
Log message: www/ruby-rails61: update to 6.1.7.6 6.1.7.5 (2023-08-22) Active Support * Use a temporary file for storing unencrypted files while editing [CVE-2023-38037] 6.1.7.6 (2023-08-22) * No changes between this and 6.1.7.5. This release was just to fix file permissions in the previous release. |
| 2023-06-27 15:35:19 by Takahiro Kambe | Files touched by this commit (14) | |
Log message:
www/rails61: update to 6.1.7.4
Rails 6.1.7.4 (2023-06-26)
Action Pack
* Raise an exception if illegal characters are provide to redirect_to
[CVE-2023-28362]
*Zack Deveau*
|
| 2023-03-15 14:31:49 by Takahiro Kambe | Files touched by this commit (15) | |
Log message: www/ruby-rails61: update to 6.1.7.3 6.1.7.3 (2023-03-13) Active Support * Implement SafeBuffer#bytesplice [CVE-2023-28120] Action View * Ignore certain data-* attributes in rails-ujs when element is contenteditable [CVE-2023-23913] |
| 2023-01-25 14:27:10 by Takahiro Kambe | Files touched by this commit (14) | |
Log message:
www/ruby-rails61: update to 6.1.7.2
Rails 6.1.7.2 (2023-01-24)
www/ruby-actionpack61
* Fix `domain: :all` for two letter TLD
This fixes a compatibility issue introduced in our previous security
release when using `domain: :all` with a two letter but single level top
level domain domain (like `.ca`, rather than `.co.uk`).
|
New packages: