[DRE-commits] [SCM] rails-2.3.git branch, debian-sid, updated. 0288d3496b551d2b35d0233f10713cb4d65bf2d6
Ondřej Surý
ondrej at sury.org
Fri Jun 10 14:27:40 UTC 2011
The following commit has been merged in the debian-sid branch:
commit 7ab2958619d04378f153765cac8cea2a99621593
Author: Ondřej Surý <ondrej at sury.org>
Date: Tue Jun 7 15:12:11 2011 +0200
prepare 2.3.11-1 release
diff --git a/debian/changelog b/debian/changelog
index 1ed6367..42f9730 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,560 @@
-ruby-rails-2.3 (2.3.11-1) UNRELEASED; urgency=low
+ruby-rails-2.3 (2.3.11-1) unstable; urgency=low
- * Initial release (Closes: #nnnn)
+ [ Ondřej Surý ]
+ * Convert package to gem2deb format
+ * Split the package to individual gems instead of one big bundle
+ * Rename rails-ruby1.8 to ruby-rails-2.3
+ * Move the package under the pkg-ruby-extras umbrella
+ * Use RAILS_VERSION from metadata.yml to generate dependencies
+ * B-D on gem2deb (>= 0.2.4)
+ * Add require-rubygems.overrides
+ * Install rails binaries to /usr/lib/rails/bin and make them
+ executable
+ * Merge src:rails patches:
+ + Change default listening socket to 127.0.0.1 from 0.0.0.0
+ + Fix documentation about default listening address
+ + Modified a string that recommends the user to do Very Bad Things
+ * Add Depends/Replaces/Conflicts on rails-ruby1.8
- -- Ondřej Surý <ondrej at debian.org> Fri, 03 Jun 2011 09:23:02 +0200
+ -- Ondřej Surý <ondrej at debian.org> Tue, 07 Jun 2011 15:17:05 +0200
+
+rails (2.3.11-0.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Imported Upstream version 2.3.11
+ + Fix for CVE-2011-0446 and CVE-2011-0447
+
+ -- Ondřej Surý <ondrej at debian.org> Fri, 27 May 2011 12:41:54 +0200
+
+rails (2.3.5-1.2) unstable; urgency=high
+
+ * Non-maintainer upload.
+
+ [ Laurent Bigonville ]
+ * Fix documentation about default listening address (Closes: #583149)
+
+ [ Gunnar Wolf ]
+ * Modified a string that recommends the user to do Very Bad Things
+ (Closes: #603048)
+
+ -- Mehdi Dogguy <mehdi at debian.org> Mon, 27 Dec 2010 20:38:02 +0100
+
+rails (2.3.5-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Added missing build-dependencies for rails-ruby1.8 on libactionpack-
+ ruby1.8, libactionmailer-ruby1.8 and libactiveresource-ruby1.8
+ (Closes: #587048)
+ * Fixed broken symlink to railties on new project generator (Closes:
+ #583219)
+
+ -- Gunnar Wolf <gwolf at debian.org> Thu, 26 Aug 2010 12:36:28 -0500
+
+rails (2.3.5-1) unstable; urgency=low
+
+ * New upstream release (closes: #547658)
+ * Package is now split up and non-core rails components, like AR, are on
+ the ruby load path. (closes: #469524, #517328)
+ * debian/control
+ + Depend on rubygems.
+ + Suggest thin or thin1.8 as a possible server to run your production
+ environment on. This is particularly useful if it is already being
+ proxied.
+ + xml-simple is no longer used by rails
+ + Updated Standard to 3.8.4
+
+ -- Adam Majer <adamm at zombino.com> Sun, 23 May 2010 01:21:31 -0500
+
+rails (2.2.3-1) unstable; urgency=high
+
+ * New upstream release (closes: #545063)
+ + Fixes XSS security hole [CVE-2009-3009]
+ + Fixes timing issue with cookie store [CVE-2009-3086]
+ * Remove dependency on ruby-dbi, as it is not required by any of the
+ sources.
+ * Correct dependency on fixed libxml-simple-ruby to 1.0.11-2 or later
+ (closes: #538982)
+ * debian/control
+ + Change section from web to ruby
+ + Updated to debhelper 7.0+
+ + Standards updated to 3.8.3 - no changes
+
+ -- Adam Majer <adamm at zombino.com> Fri, 11 Sep 2009 13:53:42 -0500
+
+rails (2.2.2-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Build-depends on rubygems. (Closes: #522009)
+
+ -- Tiago Bortoletto Vaz <tiago at debian-ba.org> Thu, 18 Jun 2009 11:41:19 -0300
+
+rails (2.2.2-1) unstable; urgency=low
+
+ * New upstream release (closes: #510580, 510580)
+ + fixes the problem with migration with symbolic field types
+ (closes: #511860)
+ * debian/control:
+ + Depend on Rake 0.8.3 or later
+ + Build-Depends-Indep on libmocha-ruby for unit tests
+ + Move most of the build dependencies to Build-Depends-Indep
+ + Remove the predepends as Lenny is released
+ * Load XMLSimple without specifying a path (closes: #514582)
+ * Add an explanation how to configure non-packaged rails adds to work
+ with Debian version of rails. Also include a tiny script to help in
+ this effort. Tomas Pospisek provided the patch. (closes: #499187)
+
+ -- Adam Majer <adamm at zombino.com> Tue, 03 Mar 2009 12:40:53 -0600
+
+rails (2.1.0-5) unstable; urgency=high
+
+ * Sanitize the URLs passed to redirect_to to prevent a potential
+ response splitting attack. Patch from upstream.
+
+ -- Adam Majer <adamm at zombino.com> Sun, 19 Oct 2008 12:17:55 -0500
+
+rails (2.1.0-4) unstable; urgency=low
+
+ * Added a fix for binary data corruption with PostgreSQL backend. This
+ occurred whenever the binary data included ASCII value of \ followed
+ by three numbers.
+ * The fix in ActiveRecord to address SQL injection in :limit and :offset
+ was not complete. MySQL backend was still affected as it redefined the
+ problematic functions. Pulled in upstream patch. CVE-2008-4094
+ (closes: #500791)
+
+ -- Adam Majer <adamm at zombino.com> Tue, 23 Sep 2008 11:33:58 -0500
+
+rails (2.1.0-3) unstable; urgency=high
+
+ * Security fix pulled from upstream for a REXML expansion
+ DoS. (CVE-2008-3790)
+
+ -- Adam Majer <adamm at zombino.com> Tue, 09 Sep 2008 00:00:34 -0500
+
+rails (2.1.0-2) unstable; urgency=low
+
+ * Remove dependency on rubygems for the build process. (closes:
+ #490419)
+ * Use also use Debian supplied gems 'builder' and 'xml-simple'
+ instead of using the upstream's supplied version, which is
+ redundant.
+ * Remove extraneous depends on rubygems. It is already depended on
+ through libruby1.8-extras (closes: #491125)
+
+ -- Adam Majer <adamm at zombino.com> Mon, 21 Jul 2008 12:14:08 -0500
+
+rails (2.1.0-1) unstable; urgency=low
+
+ * New upstream release
+ + No longer breaks with ruby 1.8.7 (closes: #484351)
+ * Use libjs-prototype prototype library instead of upstream
+ bundled (closes: #475288)
+ * Added Vcs-* and Homepage data to debian/control
+ * doc-base section changed to 'Programming'
+
+ -- Adam Majer <adamm at zombino.com> Fri, 04 Jul 2008 18:00:20 -0500
+
+rails (2.0.2-2) unstable; urgency=low
+
+ * Added upstream patch from ticket #11127 to support the newer
+ ruby-pg. (closes: #476449)
+ * Added dependency on rubygems (closes: #468206)
+ * Sqlite3 is now the default DB used, if another is not specified when
+ the project is initially created. (closes: #468803)
+
+ -- Adam Majer <adamm at zombino.com> Tue, 22 Apr 2008 13:21:16 -0500
+
+rails (2.0.2-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Fix FTBFS by replacing File.cp with a simple "cp" call. Patch by Michael
+ Schulte, thanks. (Closes: #464285)
+
+ -- Marc 'HE' Brockschmidt <he at debian.org> Sun, 09 Mar 2008 13:44:25 +0100
+
+rails (2.0.2-1) unstable; urgency=low
+
+ * New upstream release
+ + SQLite3 is now the default database, instead of MySQL
+ + [config/environments/production.rb] production mode will now
+ longer cache templates meaning they will load A LOT faster but for
+ any changes to appear, one will have to reload the entire
+ application.
+
+ -- Adam Majer <adamm at zombino.com> Sat, 22 Dec 2007 22:22:59 -0600
+
+rails (2.0.1-2) unstable; urgency=low
+
+ * Added Pre-Depends on dpkg (>= 1.10.24) as a workaround to Debian
+ install scripts do not seem to be updated since beginning
+ of century. Can't upload bzip2 deb compressed deb without adding
+ this superfluous depend.
+ * Move libmocha-ruby1.8 from Depends to Recommends as it is only
+ needed for unit testing.
+ * Give in and depend on libruby1.8-extras. We need this to satisfy
+ dependencies on OpenSSL and the ever so popular rubygems, though
+ rails will continue to work if rubygems 'gem' fails.
+
+ -- Adam Majer <adamm at zombino.com> Tue, 18 Dec 2007 00:33:47 -0600
+
+rails (2.0.1-1) unstable; urgency=low
+
+ * New upstream release (closes: #454909)
+ + ActionWebservice is no more - rolled into ActionResource
+ + SOAP support removed
+ * Use bzip2 to compress the deb, instead of the default (gzip)
+ * Update Standards version to 3.7.3 - no changes needed
+ * Added a lot more exceptions to lintian checks - rails does not
+ need all script executable.
+
+ -- Adam Majer <adamm at zombino.com> Tue, 11 Dec 2007 18:48:45 -0600
+
+rails (1.2.6-1) unstable; urgency=high
+
+ * New upstream release
+ + Fixes a previous session-fixation attack vector that was not
+ completely fixed (see 1.2.5-1 changelog) [CVE-2007-6077] (closes:
+ #452748)
+ * Use bash systax in bash script instead of ruby syntax. Fixes the
+ -I/--internal parameter so one can pass switches directly to the
+ upstream rails ruby script (closes: #381295, #390886)
+
+ -- Adam Majer <adamm at zombino.com> Tue, 27 Nov 2007 22:22:34 -0600
+
+rails (1.2.5-1) unstable; urgency=low
+
+ * This is a new upstream release that addresses problems not
+ corrected in 1.2.4 or regressions.
+ + to_json XSS [CVE-2007-3227] is really closed now
+ + Potential Information Disclosure or DoS with Hash#from_xml
+ [CVE-2007-5379]
+ + Session Fixation attacks. [CVE-2007-5380] URL based sessions are
+ now disabled by default. Session ids are only accepted from
+ cookies by default now.
+
+ -- Adam Majer <adamm at zombino.com> Sun, 14 Oct 2007 21:12:34 -0500
+
+rails (1.2.4-1) unstable; urgency=low
+
+ * New upstream release. Fixes at least 2 XSS bugs.
+ + Secure #sanitize, #strip_tags, and #strip_links helpers against
+ xss attacks. Upstream changeset 7589
+ + to_json did not escape values which allows for XSS. Applied
+ upstream changesets 6893, 6894. This bug as also been assigned
+ designation CVE-2007-3227 (closes: #429177)
+ * Add dependency on Sqlite3 as ActiveRecord supports this DB as
+ well
+ * Add dependency on libmocha which is needed by some unit tests
+
+ -- Adam Majer <adamm at zombino.com> Mon, 08 Oct 2007 11:27:25 -0500
+
+rails (1.2.3-2) unstable; urgency=low
+
+ * Add mojo for doc-base document registration thanks to the patch by
+ Remi Vanicat. (closes: 386689)
+ * Upload to Sid now that Etch is out
+
+ -- Adam Majer <adamm at zombino.com> Sun, 06 May 2007 17:31:29 -0500
+
+rails (1.2.3-1) experimental; urgency=low
+
+ * New upstream release
+
+ -- Adam Majer <adamm at zombino.com> Mon, 19 Mar 2007 13:36:52 -0500
+
+rails (1.2.2-2) experimental; urgency=low
+
+ * We cannot remove the link vendor/rails, but we can point it so it
+ is not recursive. Recursive links seem to break eclipse and lack
+ of vendor/rails breaks rails.
+ The link target will create a non-recursive link, but a rails
+ deployment that copies the rails directories will still contain
+ recursive symlink. The problem is really in Eclipse though. It
+ should handle recursive symlinks.
+
+ -- Adam Majer <adamm at zombino.com> Tue, 20 Feb 2007 13:22:24 -0600
+
+rails (1.2.2-1) experimental; urgency=low
+
+ * New upstream release (closes: #408688)
+ * Remove link that crashes eclipse (closes: #405344)
+
+ -- Adam Majer <adamm at zombino.com> Tue, 20 Feb 2007 12:08:03 -0600
+
+rails (1.1.6-3) unstable; urgency=low
+
+ * Remove the 12_options patch which actually breaks select.
+ (closes: #406658)
+
+ -- Adam Majer <adamm at zombino.com> Sun, 14 Jan 2007 12:41:58 -0600
+
+rails (1.1.6-2) unstable; urgency=low
+
+ * [12_options] Fixes inconsistent behavior of select helper
+ functions.
+ * Added libfcgi-ruby1.8 to Suggests
+ * Conflict with libdevel-logger-ruby1.8 until after Etch is released
+ (closes: #405555)
+
+ -- Adam Majer <adamm at zombino.com> Thu, 11 Jan 2007 00:01:34 -0600
+
+rails (1.1.6-1) unstable; urgency=emergency
+
+ * New upstream 'security hole fix' release
+ + This one fixes the fix in 1.1.5 as that one was still
+ vulnerable. (closes: #382255)
+
+ -- Adam Majer <adamm at zombino.com> Thu, 10 Aug 2006 13:43:01 -0500
+
+rails (1.1.5-1) unstable; urgency=emergency
+
+ * New upstream release
+ + Fixes a remote security hole [Bugtraq 19454]
+
+ -- Adam Majer <adamm at zombino.com> Thu, 10 Aug 2006 10:50:13 -0500
+
+rails (1.1.4-2) unstable; urgency=low
+
+ * Change default listening socket to 127.0.0.1 from 0.0.0.0
+
+ -- Adam Majer <adamm at zombino.com> Thu, 27 Jul 2006 21:56:53 -0500
+
+rails (1.1.4-1) unstable; urgency=low
+
+ * New upstream release
+ * Moved build-depends-indep to build-depends to prevent build
+ failures.
+
+ -- Adam Majer <adamm at zombino.com> Mon, 10 Jul 2006 14:06:08 -0500
+
+rails (1.1.2-1) unstable; urgency=low
+
+ * New upstream release
+ * Added support to specify database name (using -D) and to specify
+ options that will be passed to rails script directly (-I). Added
+ these to manpage as well. (closes: #361990)
+ * Depend and build-depend on rake >7.0 (closes: #362890)
+ * Updated standards to version 3.7.2. No changes.
+
+ -- Adam Majer <adamm at zombino.com> Sun, 14 May 2006 01:08:49 -0500
+
+rails (1.1.0release-1) unstable; urgency=low
+
+ * New upstream release
+ * Added a link to railties/config directory as an example of
+ configuration files
+
+ -- Adam Majer <adamm at zombino.com> Tue, 4 Apr 2006 14:05:04 -0500
+
+rails (1.1.0rc1-2) unstable; urgency=low
+
+ * Fixed a problem that prevents rails from creating new projects
+ thanks to Nobuhiro IMAI (closes: #359227)
+
+ -- Adam Majer <adamm at zombino.com> Mon, 27 Mar 2006 11:13:21 -0600
+
+rails (1.1.0rc1-1) unstable; urgency=low
+
+ * New upstream version.
+ + Fixes FTBFS with new rdoc (closes: #357011)
+ * Changed vendor/rails link to be relative, not absolute when first
+ created.
+
+ -- Adam Majer <adamm at zombino.com> Sun, 26 Mar 2006 00:23:24 -0600
+
+rails (1.0.0-2) unstable; urgency=low
+
+ * Applied a patch to correctly set rdoc options. (closes: #357001)
+
+ -- Adam Majer <adamm at zombino.com> Sat, 25 Mar 2006 21:02:26 -0600
+
+rails (1.0.0-1) unstable; urgency=low
+
+ * New upstream release
+ + Now handles multiple databases (closes: #341496)
+ * Modified Suggests: to include mod_fcgid (closes: #339953)
+
+ -- Adam Majer <adamm at zombino.com> Thu, 15 Dec 2005 12:40:38 -0600
+
+rails (0.14.3-1) unstable; urgency=low
+
+ * New upstream release
+ * Modified Suggests: to include mod-ruby for Apache2 users. (closes:
+ #331233)
+ * Build-Depend on rake > 0.6.0 (closes: #333700)
+ * /usr/bin/rails now creates a rails->. symlink in vendor directory. This is
+ needed to sidestep the gems requirements
+
+ -- Adam Majer <adamm at zombino.com> Thu, 13 Oct 2005 18:38:16 -0500
+
+rails (0.13.1-2) unstable; urgency=low
+
+ * Fixed logger problems such that it works with both 1.8.2 and 1.8.3
+ (closes: #330400). Upstream changes are:
+ + Fixed clean logger to work with Ruby 1.8.3 Logger class (#2245)
+ + Clean logger is compatible with both 1.8.2 and 1.8.3 Logger. (#2263)
+ [Michael Schuerig <michael at schuerig.de>]
+
+ -- Adam Majer <adamm at zombino.com> Thu, 29 Sep 2005 16:24:22 -0500
+
+rails (0.13.1-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Adam Majer <adamm at zombino.com> Mon, 11 Jul 2005 10:22:39 -0500
+
+rails (0.13.0-1) unstable; urgency=low
+
+ * New upstream release
+ + Fixes problem with action web service (closes: #317044)
+ * Remove an unnecessary depend on libtest-unit-ruby (closes: #315254)
+ * Updated standards to 3.6.2
+
+ -- Adam Majer <adamm at zombino.com> Wed, 6 Jul 2005 18:59:12 -0500
+
+rails (0.12.1-2) unstable; urgency=low
+
+ * Enabled patch supporting PostgreSQL schemas
+ * Added routing patch (upstream patch 1375). This patch changes routing such
+ that the longest possible path is matched against the controller, not the
+ first possible path.
+
+ -- Adam Majer <adamm at zombino.com> Mon, 30 May 2005 11:47:51 -0500
+
+rails (0.12.1-1) unstable; urgency=low
+
+ * New upstream release. Packaged SVN changeset 1234 as rails 0.12.1 due to
+ lack of upstream tag (closes: #306389)
+ * Added some upstream patches
+ + Fixed acts_as_list where deleting an item that was removed from the
+ list would ruin the positioning of other list items #1197 [Jamis Buck]
+ + This patch adds new options `encoding' and `min_messages' to
+ database.yml for PostgreSQL
+ + Patch removing extraneous comma in count() (#1156)
+
+ -- Adam Majer <adamm at zombino.com> Wed, 27 Apr 2005 20:55:32 -0500
+
+rails (0.12.0-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Adam Majer <adamm at zombino.com> Tue, 19 Apr 2005 14:17:17 -0500
+
+rails (0.11.1-3) unstable; urgency=low
+
+ * Turned off ActiveRecord::Base.@@colorize_logging. Colorized logs are
+ difficult to view on any other than background than black and difficult to
+ parse.
+
+ -- Adam Majer <adamm at zombino.com> Mon, 18 Apr 2005 17:01:18 -0500
+
+rails (0.11.1-2) unstable; urgency=low
+
+ * Fixed the Inflector patch
+
+ -- Adam Majer <adamm at zombino.com> Wed, 30 Mar 2005 17:29:29 -0600
+
+rails (0.11.1-1) unstable; urgency=low
+
+ * New upstream release
+ * Added some patches (submitted upstream to #950, #962) that should add
+ support for PostgreSQL schemas to Fixtures as well as to enable static
+ mapping between table names and classes using set_table_name (only set in
+ Inflector if the name is not the one guessed).
+
+ -- Adam Majer <adamm at zombino.com> Sun, 27 Mar 2005 14:56:35 -0600
+
+rails (0.11.0-2) unstable; urgency=low
+
+ * Fix broken config/environment.rb to use "old" vendor directories.
+
+ -- Adam Majer <adamm at zombino.com> Fri, 25 Mar 2005 01:28:05 -0600
+
+rails (0.11.0-1) unstable; urgency=low
+
+ * New upstream release
+ - Ajax, Pagination, Non-vhost, Incoming mail support
+ * Included tmail in the vendor distribution. Rails extended tmail with some
+ new code and Debian's distribution of tmail is not sufficient.
+
+ -- Adam Majer <adamm at zombino.com> Wed, 23 Mar 2005 13:29:19 -0600
+
+rails (0.10.1-7) unstable; urgency=low
+
+ * Hmmmm. Fixed the missing Depends problem.. (closes: #300637)
+
+ -- Adam Majer <adamm at zombino.com> Sun, 20 Mar 2005 16:27:56 -0600
+
+rails (0.10.1-6) unstable; urgency=low
+
+ * Simplify depends. libruby >= 1.8.2-3 reduces the number of packages in the
+ archive. Thank you ruby mainteiners!
+
+ -- Adam Majer <adamm at zombino.com> Tue, 15 Mar 2005 15:53:07 -0600
+
+rails (0.10.1-5) unstable; urgency=low
+
+ * Added rdoc to build depends thanks to Roland Stigge (closes: #299381)
+
+ -- Adam Majer <adamm at zombino.com> Sun, 13 Mar 2005 16:31:29 -0600
+
+rails (0.10.1-4) unstable; urgency=low
+
+ * Added libredcloth-ruby1.8 to Depends. Now if someone would package
+ bluecloth as well (hint, hint!)
+
+ -- Adam Majer <adamm at zombino.com> Sat, 12 Mar 2005 00:52:26 -0600
+
+rails (0.10.1-3) unstable; urgency=low
+
+ * Rewrote /usr/bin/rails to accomodate updates
+ + /vendor and upstream documentation are now symlinks by default. -l
+ command line option was removed. This allows for automated updates to
+ latest rails.
+ + Added -C command line option one wants a copy of /vendor or rails
+ documentation instead of symlinks
+ + Added -F commend line option to force overwrite of user files during an
+ update
+ * Rails documentation is now pregenerated and located in
+ /usr/share/doc/rails/html.
+ * Added rake as a build dependecy
+
+ -- Adam Majer <adamm at zombino.com> Fri, 11 Mar 2005 21:41:02 -0600
+
+rails (0.10.1-2) unstable; urgency=low
+
+ * Updated dependencies. All dependencies now checked. Some non-critical
+ ones like memcache are missing in Debian, but rails should be unaffected.
+
+ -- Adam Majer <adamm at zombino.com> Mon, 7 Mar 2005 15:39:23 -0600
+
+rails (0.10.1-1) unstable; urgency=low
+
+ * New upstream release
+ * Fix more missing dependencies
+ * Removed bash>3 dependency in /usr/bin/rails script (closes: #298180)
+ * Added a watch file to monitor later upstream version. Not good for updates
+ though since upstream doesn't seem to have a true source tar.gz file.
+ Source distribution only available from tagged svn.
+ * Set default socket for MySQL to /var/run/mysqld/mysqld.sock thanks for a
+ patch from Alberto Brealey-Guzman (closes: #298258)
+
+ -- Adam Majer <adamm at zombino.com> Sat, 7 Mar 2005 13:51:15 -0600
+
+rails (0.10.0-1) unstable; urgency=low
+
+ * New upstream release
+ + Adds web service support (actionwebservice)
+ + Adds URI routing to end the Apache mod_rewrite hell
+ + Added Oracle support. Rails now supports PostgreSQL, MySQL, SQLite,
+ MSSQL and Oracle database backends.
+ + and many bug fixes
+ * Fixed depend
+
+ -- Adam Majer <adamm at zombino.com> Sun, 27 Feb 2005 20:52:29 -0600
+
+rails (0.9.5-1) unstable; urgency=low
+
+ * Initial Release (closes: #293055)
+
+ -- Adam Majer <adamm at zombino.com> Fri, 4 Feb 2005 21:20:52 -0600
--
rails-2.3.git
More information about the Pkg-ruby-extras-commits
mailing list