CVS commit: pkgsrc/databases/ruby-activerecord

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/databases/ruby-activerecord
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Wed, 17 Aug 2011 14:12:42 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Wed Aug 17 14:12:42 UTC 2011

Modified Files:
        pkgsrc/databases/ruby-activerecord: PLIST distinfo

Log Message:
Update ruby-activerecord package to 2.3.14.

2.3.14:

Security fix:

The quote_table_name method in the ActiveRecord adapaters for Ruby on
Rails were initially created solely for the purpose of escaping
reserved words encountered in table names.  However over time 3rd
party libraries, and rails itself, grew to rely on those functions as
a way to sanitize potentially malicious user input.  As a result these
functions need to be hardened to manage malicious input rather than
assuming they're being passed benign values generated by rails itself.


To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 pkgsrc/databases/ruby-activerecord/PLIST
cvs rdiff -u -r1.22 -r1.23 pkgsrc/databases/ruby-activerecord/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/devel/ruby-activesupport
Next by Date: CVS commit: pkgsrc/www/ruby-actionpack
Previous by Thread: CVS commit: pkgsrc/devel/ruby-activesupport
Next by Thread: CVS commit: pkgsrc/www/ruby-actionpack
Indexes:

Home | Main Index | Thread Index | Old Index