Ubuntu
ruby-actionpack-3.2 package

lp:ubuntu/trusty-proposed/ruby-actionpack-3.2

Trusty (14.04)
trusty-proposed

Created by Ubuntu Package Importer on 2013-12-03 and last modified on 2013-12-18

Get this branch:: bzr branch lp:ubuntu/trusty-proposed/ruby-actionpack-3.2

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Development

Recent revisions

16. By Antonio Terceiro on 2013-12-18: * Fix invalid gemspec data in patch (again)
  debian/patches/0001-loosen_sprockets_dependency.patch: the problem was
  that when 2.2.1 is replaced by 2.2, the YAML parser thinks that 2.2 is a
  floating point number, but version numbers are supposed to be strings! So
  the fix is to put quote around the 2.2 ('2.2'), forcing it to be parsed
  as a string.
  Closes: #732805
* debian/patches/0004-allow_newer_versions.patch: refresh
15. By Ondřej Surý on 2013-12-06: Allow to depend on ruby-rack (<< 1.4) to make backports easier
14. By Ondřej Surý on 2013-12-04: * New upstream version 3.2.16
* Update debian/control to rails release 3.2.16
13. By Chris Hofstaedtler on 2013-12-02: Tighten rack dependency to 1.4 only. (Closes: #711236)
12. By Antonio Terceiro on 2013-06-03: [ Christian Hofstaedtler ]
* Bump journey, sprockets dependency to match gem metadata
* Allow newer versions of various dependencies
* Fix format of debian-copyright (missing-license-paragraph-in-dep5-copyright)
11. By Antonio Terceiro on 2013-06-02: * Bump Standards-Version to 3.9.4; no changes needed.
* update debian/control.in to reflect changes in debian/control
* Fix invalid gemspec data in patch
  debian/patches/0001-loosen_sprockets_dependency.patch: the problem was
  that when 2.2.1 is replaced by 2.2, the YAML parser thinks that 2.2 is a
  floating point number, but version numbers are supposed to be strings! So
  the fix is to put quote around the 2.2 ('2.2'), forcing it to be parsed
  as a string. (Closes: #710819)
10. By Ondřej Surý on 2013-05-23: Upload to unstable.
9. By Ondřej Surý on 2013-03-19: * [CVE-2013-1855]: Fix XSS vulnerability in sanitize_css in Action Pack
* [CVE-2013-1857]: Fix XSS Vulnerability in the sanitize helper of Ruby on Rails
8. By Antonio Terceiro on 2013-01-09: debian/patches/CVE-2013-0155.patch: fix Unsafe Query Generation Risk
[CVE-2013-0155] (Closes: #697802)
7. By Antonio Terceiro on 2012-08-10: * Add patches for security problems (Closes: #684454):
  + CVE-2012-3463 - Ruby on Rails Potential XSS Vulnerability in select_tag
    prompt
  + CVE-2012-3465 - XSS Vulnerability in strip_tags
  + Both patches were edited from their original versions in two ways:
    - the leading a/ and b/ from the filenames were stripped
    - changes over test files were removed, since the Debian package
      contains no test files.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/trusty/ruby-actionpack-3.2

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubunturuby-actionpack-3.2 package