Path to this page:
Subject: CVS commit: pkgsrc/www/ruby-actionview60
From: Takahiro Kambe
Date: 2022-05-05 05:23:12
Message id: 20220505032312.5FEE0FB1A@cvs.NetBSD.org
Log Message:
www/ruby-actionview60: update to 6.0.4.8
## Rails 6.0.4.8 (April 26, 2022) ##
* Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.
Escape dangerous characters in names of tags and names of attributes in the
tag helpers, following the XML specification. Rename the option
`:escape_attributes` to `:escape`, to simplify by applying the option to the
whole tag.
*Álvaro Martín Fraguas*
Files: