Hello community, here is the log from the commit of package rubygem-activesupport-3_2.2387 for openSUSE:12.2:Update checked in at 2013-12-23 14:39:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.2:Update/rubygem-activesupport-3_2.2387 (Old) and /work/SRC/openSUSE:12.2:Update/.rubygem-activesupport-3_2.2387.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-activesupport-3_2.2387" Changes: -------- New Changes file: --- /dev/null 2013-11-25 01:44:08.036031256 +0100 +++ /work/SRC/openSUSE:12.2:Update/.rubygem-activesupport-3_2.2387.new/rubygem-activesupport-3_2.changes 2013-12-23 14:39:24.000000000 +0100 @@ -0,0 +1,74 @@ +------------------------------------------------------------------- +Thu Dec 12 17:28:43 UTC 2013 - jmassaguer...@suse.com + +- fix CVE-2013-4389: rubygem-actionmailer-3_1: possible DoS + vulnerability in the log subscriber component (bnc#846239) + File CVE-2013-4389.patch contains the fix. + +------------------------------------------------------------------- +Wed Feb 13 23:52:39 UTC 2013 - mrueck...@suse.de + +- update to version 3.2.12 (bnc#803336) CVE-2013-0276: + * Version bump + +------------------------------------------------------------------- +Thu Jan 17 13:23:24 UTC 2013 - mrueck...@suse.de + +- update to 3.2.11: (bnc#796712, bnc#797449, bnc#797452) + * Hash.from_xml raises when it encounters type="symbol" or + type="yaml". Use Hash.from_trusted_xml to parse this XML. + CVE-2013-0156 [Jeremy Kemper] + * Add logger.push_tags and .pop_tags to complement logger.tagged: + Jeremy Kemper + * Add %:z and %::z format string support to + ActiveSupport::TimeWithZone#strftime. [fixes #6962] kennyj + * Fix ActiveSupport integration with Mocha > 0.12.1. Mike Gunderloy + * Reverted the deprecation of ActiveSupport::JSON::Variable. + Rafael Mendonça França + * ERB::Util.html_escape now escapes single quotes. + Santiago Pastorino + +------------------------------------------------------------------- +Thu Aug 2 14:31:23 UTC 2012 - mrueck...@suse.de + +- update to 3.2.7 (includes changes for 3.2.4-3.2.6) + * Hash#fetch(fetch) is not the same as doing hash[key] + * adds a missing require [fixes #6896] + * make sure the inflection rules are loaded when cherry-picking + active_support/core_ext/string/inflections.rb [fixes #6884] + * Merge pull request #6857 from + rsutphin/as_core_ext_time_missing_require + * bump AS deprecation_horizon to 4.0 + * ActiveSupport::JSON::Variable is deprecated. Define your own + #as_json and #encode_json methods for custom JSON string + literals. *Erich Menge* + * Added #beginning_of_hour and #end_of_hour to Time and DateTime + core extensions. *Mark J. Titorenko* + +------------------------------------------------------------------- +Wed Apr 4 15:28:10 UTC 2012 - co...@suse.com + +- update to 3.2.3, no changes (it says literally) + +------------------------------------------------------------------- +Fri Mar 23 11:00:44 UTC 2012 - sasc...@suse.de + +- Spec file cleanup: + * Factory preparation + +------------------------------------------------------------------- +Fri Jan 27 00:58:12 UTC 2012 - mrueck...@suse.de + +- update to 3.2.1 + * Documentation fixes and improvements. + * Update time zone offset information. *Ravil Bayramgalin* + * The deprecated `ActiveSupport::Base64.decode64` calls + `::Base64.decode64` now. *Jonathan Viney* + * Fixes uninitialized constant + `ActiveSupport::TaggedLogging::ERROR`. *kennyj* + +------------------------------------------------------------------- +Thu Jan 26 16:23:06 UTC 2012 - mrueck...@suse.de + +- initial package of the 3.2 branch + New: ---- CVE-2013-4389.patch activesupport-3.2.12.gem rubygem-activesupport-3_2.changes rubygem-activesupport-3_2.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-activesupport-3_2.spec ++++++ # # spec file for package rubygem-activesupport-3_2 # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: rubygem-activesupport-3_2 Version: 3.2.12 Release: 0 Summary: A toolkit of support libraries and Ruby core extensions extracted from the Rails framework License: MIT Group: Development/Languages/Ruby Url: http://www.rubyonrails.org %define mod_name activesupport %define mod_full_name %{mod_name}-%{version} Source: %{mod_full_name}.gem Source1: CVE-2013-4389.patch BuildRequires: ruby-devel >= 1.8.7 BuildRequires: rubygem-i18n-0_6 >= 0.6 BuildRequires: rubygem-multi_json-1 >= 1.0 BuildRequires: rubygem-rdoc BuildRequires: rubygems_with_buildroot_patch Requires: ruby >= 1.8.7 Requires: rubygem-i18n-0_6 >= 0.6 Requires: rubygem-multi_json-1 >= 1.0 Provides: rubygem-%{mod_name} = %{version} Provides: rubygem-%{mod_name}-3 = %{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build %rubygems_requires %description A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing. %package doc Summary: RDoc documentation for %{mod_name} Group: Development/Languages/Ruby Requires: %{name} = %{version} %description doc Documentation generated at gem installation time. Usually in RDoc and RI formats. %prep %build %install %gem_install %{SOURCE0} pushd %{buildroot}/%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_name}-%{version} patch -p2 < %{S:1} popd %files %defattr(-,root,root,-) %{_libdir}/ruby/gems/%{rb_ver}/cache/%{mod_full_name}.gem %{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_full_name}/ %{_libdir}/ruby/gems/%{rb_ver}/specifications/%{mod_full_name}.gemspec %files doc %defattr(-,root,root,-) %doc %{_libdir}/ruby/gems/%{rb_ver}/doc/%{mod_full_name}/ %changelog ++++++ CVE-2013-4389.patch ++++++ diff --git a/activesupport/lib/active_support/log_subscriber.rb b/activesupport/lib/active_support/log_subscriber.rb index 6296c1d..ed7c73b 100644 --- a/activesupport/lib/active_support/log_subscriber.rb +++ b/activesupport/lib/active_support/log_subscriber.rb @@ -118,5 +118,9 @@ module ActiveSupport bold = bold ? BOLD : "" "#{bold}#{color}#{text}#{CLEAR}" end + + def format_duration(duration) + "%.1fms" % duration + end end end -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org