pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/www/ruby-actionpack3

Module Name:    pkgsrc
Committed By:   taca
Date:           Sat Nov 19 15:34:37 UTC 2011

Modified Files:
        pkgsrc/www/ruby-actionpack3: PLIST distinfo

Log Message:
Update ruby-actionpack3 package to 3.0.11.

*Rails 3.0.11 (unreleased)*

* Fix XSS security vulnerability in the `translate` helper method. When using
  interpolation in combination with HTML-safe translations, the interpolated
  input would not get HTML escaped. *GH 3664*


      translate('foo_html', :something => '<script>') # => "...<script>..."


      translate('foo_html', :something => '<script>') # => 

  *Sergey Nartimov*

* Implement a workaround for a bug in ruby-1.9.3p0 where an error would be
  raised while attempting to convert a template from one encoding to another.

  Please see for details of the bug.

  The workaround is to load all conversions into memory ahead of time, and will
  only happen if the ruby version is exactly 1.9.3p0. The hope is obviously
  that the underlying problem will be resolved in the next patchlevel release
  of 1.9.3.

* Fix assert_select_email to work on multipart and non-multipart emails as the
  method stopped working correctly in Rails 3.x due to changes in the new mail

* Fix url_for when passed a hash to prevent additional options (eg. :host,
  :protocol) from being added to the hash after calling it.

To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/www/ruby-actionpack3/PLIST
cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/ruby-actionpack3/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index