From c093c3d8a9231c691517556ff5a4013c02dc193a Mon Sep 17 00:00:00 2001 From: Justin Collins Date: Thu, 10 Apr 2014 23:04:47 -0700 Subject: [PATCH] Update CHANGES * Fix false positives when sanitize() is used in SQL (Jeff Yip) * Add String#intern and Hash#symbolize_keys DoS check (Jan Rusnacko) * Check all arguments in Model.select for SQLi * Fix false positive when :host is specified in redirect * Handle more non-literals in routes --- CHANGES | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGES b/CHANGES index cce1c6b395..5ea2187a8d 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,10 @@ # Unreleased + * Fix false positives when sanitize() is used in SQL (Jeff Yip) + * Add String#intern and Hash#symbolize_keys DoS check (Jan Rusnacko) + * Check all arguments in Model.select for SQLi + * Fix false positive when :host is specified in redirect + * Handle more non-literals in routes * Add check for regex denial of service (Ben Toews) # 2.4.3
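Review bot: In the added entry "Add String#intern and Hash#symbolize_keys DoS check", the kind of denial of service is not named, while the existing entry directly below the new lines spells out "regex denial of service". Both methods produce symbols, so wording it as a symbol DoS check would keep the two checks distinguishable for someone scanning the changelog. The "Check all arguments in Model.select for SQLi" entry widens what is scanned, unlike the two false-positive fixes, which narrow it, so it may be worth noting that upgrading can surface new warnings. Three of the five new entries carry no contributor in parentheses; if they are the maintainer's own that is fine, otherwise add the names for consistency with the other entries.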