[DRE-commits] [rails-4.0] 04/04: prepare 4.0.2+dfsg-1 release
Ondrej Sury
ondrej at moszumanska.debian.org
Wed Dec 4 09:46:10 UTC 2013
This is an automated email from the git hooks/post-receive script.
ondrej pushed a commit to branch master
in repository rails-4.0.
commit 03204f3ab729431ee7322ecb11a7ff567e6e4498
Author: Ondřej Surý <ondrej at sury.org>
Date: Wed Dec 4 10:36:11 2013 +0100
prepare 4.0.2+dfsg-1 release
---
debian/changelog | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index a0b5ee0..272701e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,18 @@
-rails-4.0 (4.0.0+dfsg-2) UNRELEASED; urgency=low
+rails-4.0 (4.0.2+dfsg-1) unstable; urgency=low
+ [ Antonio Terceiro ]
* ruby-actionpack-4.0: tighten versioned dependency on ruby-rack to take
epoch into account.
- -- Antonio Terceiro <terceiro at debian.org> Sun, 20 Oct 2013 16:22:25 -0300
+ [ Ondřej Surý ]
+ * New upstream version 4.0.2+dfsg, fixes:
+ + [CVE-2013-6417] Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk)
+ + [CVE-2013-4491] Reflective XSS Vulnerability in Ruby on Rails
+ + [CVE-2013-6415] XSS Vulnerability in number_to_currency
+ + [CVE-2013-6414] Denial of Service Vulnerability in Action View
+ + [CVE-2013-6416] XSS Vulnerability in simple_format helper
+
+ -- Ondřej Surý <ondrej at debian.org> Wed, 04 Dec 2013 10:34:24 +0100
rails-4.0 (4.0.0+dfsg-1) unstable; urgency=low
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/rails-4.0.git
More information about the Pkg-ruby-extras-commits
mailing list