[Bug 822922] [NEW] Sync rails 2.3.11-0.1 (universe) from Debian unstable (main)
Launchpad Bug Tracker
822922 at bugs.launchpad.net
Mon Aug 8 20:28:41 UTC 2011
You have been subscribed to a public bug by Felix Geyer (debfx):
Please sync rails 2.3.11-0.1 (universe) from Debian unstable (main)
Explanation of the Ubuntu delta and why it can be dropped:
cdata-and-white-space-handling.patch can be dropped as the issue has been (differently) fixed upstream:
https://github.com/rails/rails/commit/12f6fd0f2687f083bc23ad63fdc82c7e65cb8984
Changelog entries since current oneiric version 2.3.5-1.2ubuntu1:
rails (2.3.11-0.1) unstable; urgency=medium
* Non-maintainer upload.
* Imported Upstream version 2.3.11 (Closes: #616456)
+ Works with rubygems 1.6.x (Closes: #622829, #618221)
+ Fix XSS Risk in mail_to :encode=>:javascript [CVE-2011-0446]
+ Fix CSRF Bypass Risk: [CVE-2011-0447] (Closes: #614864)
+ I18N interpolation deprecation was removed in v2.3.6 (Closes: #546037)
* Update dependencies on tmail (>= 1.2.7) and i18n (>= 0.4.1)
* Adapt patches to the new release
* Add Breaks: redmine (<< 1.1.3-1)
* Add rubygems{1.8,1.9.1} dependency to all packages (Closes: #587767)
-- Ondřej Surý <ondrej at debian.org> Mon, 30 May 2011 14:58:12 +0200
** Affects: rails (Ubuntu)
Importance: Wishlist
Status: Confirmed
--
Sync rails 2.3.11-0.1 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/822922
You received this bug notification because you are a member of Ubuntu Package Archive Administrators, which is subscribed to the bug report.
More information about the ubuntu-archive
mailing list