[DRE-commits] [rails] 03/03: New upstream release; fixes security issues
Antonio Terceiro
terceiro at moszumanska.debian.org
Mon Aug 22 17:33:28 UTC 2016
This is an automated email from the git hooks/post-receive script.
terceiro pushed a commit to branch master
in repository rails.
commit 13e1981478862a2f7d6e70c24a8f4f96f9ec57bf
Author: Antonio Terceiro <terceiro at debian.org>
Date: Sat Aug 20 10:58:23 2016 -0300
New upstream release; fixes security issues
---
debian/changelog | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 0e4eb1e..385c72a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,11 @@
-rails (2:4.2.6-3) UNRELEASED; urgency=medium
+rails (2:4.2.7.1-1) UNRELEASED; urgency=medium
+ * New upstream release; includes fixes for the following issues:
+ - CVE-2016-6317: unsafe query generation in Active Record (Closes: #834154)
+ - CVE-2016-6316: Possible XSS Vulnerability in Action View (Closes: #834155)
* debian/watch: restrict to the 4.x series for now
- -- Antonio Terceiro <terceiro at debian.org> Sat, 20 Aug 2016 10:54:17 -0300
+ -- Antonio Terceiro <terceiro at debian.org> Sat, 20 Aug 2016 10:58:57 -0300
rails (2:4.2.6-2) unstable; urgency=medium
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/rails.git
More information about the Pkg-ruby-extras-commits
mailing list