lp:ubuntu/trusty-proposed/ruby-actionpack-3.2
- Get this branch:
- bzr branch lp:ubuntu/trusty-proposed/ruby-actionpack-3.2
Branch merges
Branch information
Recent revisions
- 16. By Antonio Terceiro
-
* Fix invalid gemspec data in patch (again)
debian/patches/ 0001-loosen_ sprockets_ dependency. patch: the problem was
that when 2.2.1 is replaced by 2.2, the YAML parser thinks that 2.2 is a
floating point number, but version numbers are supposed to be strings! So
the fix is to put quote around the 2.2 ('2.2'), forcing it to be parsed
as a string.
Closes: #732805
* debian/patches/ 0004-allow_ newer_versions. patch: refresh - 12. By Antonio Terceiro
-
[ Christian Hofstaedtler ]
* Bump journey, sprockets dependency to match gem metadata
* Allow newer versions of various dependencies
* Fix format of debian-copyright (missing-license- paragraph- in-dep5- copyright) - 11. By Antonio Terceiro
-
* Bump Standards-Version to 3.9.4; no changes needed.
* update debian/control.in to reflect changes in debian/control
* Fix invalid gemspec data in patch
debian/patches/ 0001-loosen_ sprockets_ dependency. patch: the problem was
that when 2.2.1 is replaced by 2.2, the YAML parser thinks that 2.2 is a
floating point number, but version numbers are supposed to be strings! So
the fix is to put quote around the 2.2 ('2.2'), forcing it to be parsed
as a string. (Closes: #710819) - 9. By Ondřej Surý
-
* [CVE-2013-1855]: Fix XSS vulnerability in sanitize_css in Action Pack
* [CVE-2013-1857]: Fix XSS Vulnerability in the sanitize helper of Ruby on Rails - 8. By Antonio Terceiro
-
debian/
patches/ CVE-2013- 0155.patch: fix Unsafe Query Generation Risk
[CVE-2013-0155] (Closes: #697802) - 7. By Antonio Terceiro
-
* Add patches for security problems (Closes: #684454):
+ CVE-2012-3463 - Ruby on Rails Potential XSS Vulnerability in select_tag
prompt
+ CVE-2012-3465 - XSS Vulnerability in strip_tags
+ Both patches were edited from their original versions in two ways:
- the leading a/ and b/ from the filenames were stripped
- changes over test files were removed, since the Debian package
contains no test files.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/trusty/ruby-actionpack-3.2