[ubuntu/intrepid] rails 2.1.0-4 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Fri Oct 10 11:13:10 BST 2008
rails (2.1.0-4) unstable; urgency=low
* Added a fix for binary data corruption with PostgreSQL backend. This
occurred whenever the binary data included ASCII value of \ followed
by three numbers.
* The fix in ActiveRecord to address SQL injection in :limit and :offset
was not complete. MySQL backend was still affected as it redefined the
problematic functions. Pulled in upstream patch.
rails (2.1.0-3) unstable; urgency=high
* Security fix pulled from upstream for a REXML expansion
DoS. (CVE-2008-3790)
Date: Fri, 10 Oct 2008 11:07:16 +0100
Changed-By: Kees Cook <kees at ubuntu.com>
Maintainer: Adam Majer <adamm at zombino.com>
Origin: Debian/unstable
https://launchpad.net/ubuntu/intrepid/+source/rails/2.1.0-4
-------------- next part --------------
Origin: Debian/unstable
Format: 1.7
Date: Fri, 10 Oct 2008 11:07:16 +0100
Source: rails
Binary: rails
Architecture: source
Version: 2.1.0-4
Distribution: intrepid
Urgency: high
Maintainer: Adam Majer <adamm at zombino.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description:
rails - MVC ruby based framework geared for web application development
Changes:
rails (2.1.0-4) unstable; urgency=low
.
* Added a fix for binary data corruption with PostgreSQL backend. This
occurred whenever the binary data included ASCII value of \ followed
by three numbers.
* The fix in ActiveRecord to address SQL injection in :limit and :offset
was not complete. MySQL backend was still affected as it redefined the
problematic functions. Pulled in upstream patch.
.
rails (2.1.0-3) unstable; urgency=high
.
* Security fix pulled from upstream for a REXML expansion
DoS. (CVE-2008-3790)
Files:
437154a22433c113c3850a6681aba5dc 14631 web optional rails_2.1.0-4.diff.gz
6da488b9680f564a3a7f864eef8ee31d 1203 web optional rails_2.1.0-4.dsc
More information about the Intrepid-changes
mailing list