Change log for ruby-actionpack-3.2 package in Ubuntu
| 1 → 15 of 15 results | First • Previous • Next • Last |
| Deleted in utopic-release (Reason: (From Debian) ROM; obsolete by rails-3.2; Debian bug #746685) |
| Published in trusty-release |
| Deleted in trusty-proposed (Reason: moved to release) |
ruby-actionpack-3.2 (3.2.16-3) unstable; urgency=medium
* Fix invalid gemspec data in patch (again)
debian/patches/0001-loosen_sprockets_dependency.patch: the problem was
that when 2.2.1 is replaced by 2.2, the YAML parser thinks that 2.2 is a
floating point number, but version numbers are supposed to be strings! So
the fix is to put quote around the 2.2 ('2.2'), forcing it to be parsed
as a string.
Closes: #732805
* debian/patches/0004-allow_newer_versions.patch: refresh
-- Antonio Terceiro <email address hidden> Wed, 18 Dec 2013 18:01:29 -0300
Available diffs
- diff from 3.2.13-7 to 3.2.16-3 (11.0 KiB)
- diff from 3.2.16-2 to 3.2.16-3 (1.1 KiB)
ruby-actionpack-3.2 (3.2.16-2) unstable; urgency=high * Allow to depend on ruby-rack (<< 1.4) to make backports easier -- Ondřej Surý <email address hidden> Fri, 06 Dec 2013 10:55:12 +0100
Available diffs
- diff from 3.2.16-1 to 3.2.16-2 (359 bytes)
ruby-actionpack-3.2 (3.2.16-1) unstable; urgency=high * New upstream version 3.2.16 * Update debian/control to rails release 3.2.16 -- Ondřej Surý <email address hidden> Wed, 04 Dec 2013 17:40:28 +0100
Available diffs
- diff from 3.2.13-9 to 3.2.16-1 (9.8 KiB)
ruby-actionpack-3.2 (3.2.13-9) unstable; urgency=low * Tighten rack dependency to 1.4 only. (Closes: #711236) -- Christian Hofstaedtler <email address hidden> Mon, 02 Dec 2013 23:17:48 +0100
| Superseded in trusty-release |
| Obsolete in saucy-release |
| Deleted in saucy-proposed (Reason: moved to release) |
ruby-actionpack-3.2 (3.2.13-7) unstable; urgency=low [ Christian Hofstaedtler ] * Bump journey, sprockets dependency to match gem metadata * Allow newer versions of various dependencies * Fix format of debian-copyright (missing-license-paragraph-in-dep5-copyright) -- Antonio Terceiro <email address hidden> Mon, 03 Jun 2013 22:06:15 -0300
Available diffs
- diff from 3.2.13-6 to 3.2.13-7 (1.6 KiB)
ruby-actionpack-3.2 (3.2.13-6) unstable; urgency=low
* Bump Standards-Version to 3.9.4; no changes needed.
* update debian/control.in to reflect changes in debian/control
* Fix invalid gemspec data in patch
debian/patches/0001-loosen_sprockets_dependency.patch: the problem was
that when 2.2.1 is replaced by 2.2, the YAML parser thinks that 2.2 is a
floating point number, but version numbers are supposed to be strings! So
the fix is to put quote around the 2.2 ('2.2'), forcing it to be parsed
as a string. (Closes: #710819)
-- Antonio Terceiro <email address hidden> Sun, 02 Jun 2013 17:14:18 -0300
Available diffs
- diff from 3.2.13-5 to 3.2.13-6 (1.4 KiB)
ruby-actionpack-3.2 (3.2.13-5) unstable; urgency=low * Upload to unstable. -- Ondřej Surý <email address hidden> Thu, 23 May 2013 11:10:30 +0200
Available diffs
- diff from 3.2.6-6 to 3.2.13-5 (119.8 KiB)
| Superseded in saucy-release |
| Obsolete in raring-release |
| Deleted in raring-proposed (Reason: moved to release) |
ruby-actionpack-3.2 (3.2.6-6) unstable; urgency=high * [CVE-2013-1855]: Fix XSS vulnerability in sanitize_css in Action Pack * [CVE-2013-1857]: Fix XSS Vulnerability in the sanitize helper of Ruby on Rails -- Ondřej Surý <email address hidden> Tue, 19 Mar 2013 09:45:34 +0100
Available diffs
- diff from 3.2.6-5 to 3.2.6-6 (1.3 KiB)
ruby-actionpack-3.2 (3.2.6-4ubuntu0.1) quantal-security; urgency=low
* SECURITY UPDATE: Unsafe Query Generation Risk in Ruby on Rails
(LP: #1100162)
- debian/patches/CVE-2013-0155: Strip nils from collections on JSON and
XML posts. Based on upstream patch.
- CVE-2013-0155
-- Christian Kuersteiner <email address hidden> Wed, 16 Jan 2013 14:20:55 +0700
Available diffs
ruby-actionpack-3.2 (3.2.6-5) unstable; urgency=high
* debian/patches/CVE-2013-0155.patch: fix Unsafe Query Generation Risk
[CVE-2013-0155] (Closes: #697802)
-- Antonio Terceiro <email address hidden> Wed, 09 Jan 2013 18:25:45 -0300
Available diffs
- diff from 3.2.6-4 to 3.2.6-5 (1.4 KiB)
ruby-actionpack-3.2 (3.2.6-4) unstable; urgency=high
* Add patches for security problems (Closes: #684454):
+ CVE-2012-3463 - Ruby on Rails Potential XSS Vulnerability in select_tag
prompt
+ CVE-2012-3465 - XSS Vulnerability in strip_tags
+ Both patches were edited from their original versions in two ways:
- the leading a/ and b/ from the filenames were stripped
- changes over test files were removed, since the Debian package
contains no test files.
-- Antonio Terceiro <email address hidden> Fri, 10 Aug 2012 13:08:08 -0300
Available diffs
- diff from 3.2.6-3 to 3.2.6-4 (1.5 KiB)
ruby-actionpack-3.2 (3.2.6-3) unstable; urgency=high * Add patch by Aaron Patterson for CVE-2012-3424 (Closes: #683370) -- Antonio Terceiro <email address hidden> Sat, 04 Aug 2012 09:28:12 -0300
Available diffs
- diff from 3.2.6-2 to 3.2.6-3 (861 bytes)
ruby-actionpack-3.2 (3.2.6-2) unstable; urgency=low * Bump build dependency to gem2deb >= 0.3.0~ -- Antonio Terceiro <email address hidden> Sun, 24 Jun 2012 19:06:43 -0300
Available diffs
- diff from 3.2.6-1 to 3.2.6-2 (485 bytes)
ruby-actionpack-3.2 (3.2.6-1) unstable; urgency=low
* New upstream release.
* debian/control:
+ review short description
+ add myself to Uploaders:
-- Antonio Terceiro <email address hidden> Sat, 16 Jun 2012 21:15:28 -0300
Available diffs
- diff from 3.2.3-2 to 3.2.6-1 (11.7 KiB)
ruby-actionpack-3.2 (3.2.3-2) unstable; urgency=low
* Add Conflict with ruby-actionpack-2.3 (Closes: #673737)
* B-D ruby-activerecord-3.2 and ruby-activesupport-3.2 are already
in unstable (Closes: #671986)
-- Ondřej Surý <email address hidden> Wed, 23 May 2012 13:03:07 +0200
| 1 → 15 of 15 results | First • Previous • Next • Last |
