rails (2.1.0-4) unstable; urgency=low
* Added a fix for binary data corruption with PostgreSQL backend. This
occurred whenever the binary data included ASCII value of \ followed
by three numbers.
* The fix in ActiveRecord to address SQL injection in :limit and :offset
was not complete. MySQL backend was still affected as it redefined the
problematic functions. Pulled in upstream patch.
rails (2.1.0-3) unstable; urgency=high
* Security fix pulled from upstream for a REXML expansion
DoS. (CVE-2008-3790)
Date: Fri, 10 Oct 2008 11:07:16 +0100
Changed-By: Kees Cook <[EMAIL PROTECTED]>
Maintainer: Adam Majer <[EMAIL PROTECTED]>
Origin: Debian/unstable
https://launchpad.net/ubuntu/intrepid/+source/rails/2.1.0-4
Origin: Debian/unstable
Format: 1.7
Date: Fri, 10 Oct 2008 11:07:16 +0100
Source: rails
Binary: rails
Architecture: source
Version: 2.1.0-4
Distribution: intrepid
Urgency: high
Maintainer: Adam Majer <[EMAIL PROTECTED]>
Changed-By: Kees Cook <[EMAIL PROTECTED]>
Description:
rails - MVC ruby based framework geared for web application development
Changes:
rails (2.1.0-4) unstable; urgency=low
.
* Added a fix for binary data corruption with PostgreSQL backend. This
occurred whenever the binary data included ASCII value of \ followed
by three numbers.
* The fix in ActiveRecord to address SQL injection in :limit and :offset
was not complete. MySQL backend was still affected as it redefined the
problematic functions. Pulled in upstream patch.
.
rails (2.1.0-3) unstable; urgency=high
.
* Security fix pulled from upstream for a REXML expansion
DoS. (CVE-2008-3790)
Files:
437154a22433c113c3850a6681aba5dc 14631 web optional rails_2.1.0-4.diff.gz
6da488b9680f564a3a7f864eef8ee31d 1203 web optional rails_2.1.0-4.dsc
--
Intrepid-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/intrepid-changes
