Update CHANGES
 * Fix false positives when sanitize() is used in SQL (Jeff Yip)
 * Add String#intern and Hash#symbolize_keys DoS check (Jan Rusnacko)
 * Check all arguments in Model.select for SQLi
 * Fix false positive when :host is specified in redirect
 * Handle more non-literals in routes
presidentbeef committed Apr 11, 2014
1 parent cd9093d commit c093c3d
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions CHANGES
@@ -1,5 +1,10 @@
# Unreleased

* Fix false positives when sanitize() is used in SQL (Jeff Yip)
* Add String#intern and Hash#symbolize_keys DoS check (Jan Rusnacko)
* Check all arguments in Model.select for SQLi
* Fix false positive when :host is specified in redirect
* Handle more non-literals in routes
* Add check for regex denial of service (Ben Toews)

# 2.4.3
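Review bot: The new "Add String#intern and Hash#symbolize_keys DoS check (Jan Rusnacko)" entry abbreviates "DoS" and does not say what kind, while the existing entry right after the added lines spells out "regex denial of service". Use one form throughout and name the problem class so the entry stands on its own, for example "Add check for symbol denial of service via String#intern and Hash#symbolize_keys". Separately, "Check all arguments in Model.select for SQLi" widens what is scanned, so consider wording it so readers can tell it may surface new warnings on upgrade, unlike the two "Fix false positive" entries, which reduce them.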