Permalink
Commits on Jul 26, 2012
  1. bumping to 3.0.16

    tenderlove committed Jul 26, 2012
  2. updating release date

    tenderlove committed Jul 26, 2012
  3. updating changelog with CVE

    tenderlove committed Jul 26, 2012
Commits on Jul 23, 2012
  1. updating changelogs

    tenderlove committed Jul 23, 2012
Commits on Jun 13, 2012
  1. 3.0.15

    tenderlove committed Jun 13, 2012
Commits on Jun 12, 2012
  1. updating changelogs

    tenderlove committed Jun 12, 2012
Commits on Jun 11, 2012
  1. bumping to 3.0.14

    tenderlove committed Jun 11, 2012
  2. Merge branch '3-0-stable-sec' into 3-0-stable-rel

    * 3-0-stable-sec:
      Array parameters should not contain nil values.
      Additional fix for CVE-2012-2661
    tenderlove committed Jun 11, 2012
  3. Fix GH #3163. Should quote database on mysql/mysql2.

    Conflicts:
    
    	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb
    
    Conflicts:
    
    	activerecord/lib/active_record/connection_adapters/abstract_mysql_adapter.rb
    	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb
    
    Conflicts:
    
    	activerecord/lib/active_record/connection_adapters/mysql2_adapter.rb
    	activerecord/lib/active_record/connection_adapters/mysql_adapter.rb
    	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb
    	activerecord/test/cases/adapters/mysql2/schema_test.rb
    kennyj committed with tenderlove Mar 3, 2012
Commits on Jun 8, 2012
  1. Additional fix for CVE-2012-2661

    While the patched PredicateBuilder in 3.0.13 prevents a user
    from specifying a table name using the `table.column` format,
    it doesn't protect against the nesting of hashes changing the
    table context in the next call to build_from_hash. This fix
    covers this case as well.
    ernie committed with tenderlove Jun 8, 2012
Commits on May 31, 2012
  1. Merge branch '3-0-rel' into 3-0-stable

    * 3-0-rel:
      bumping to 3.0.13
      updating CHANGELOGs
      bumping to 3.0.13.rc1
    tenderlove committed May 31, 2012
  2. Merge branch '3-0-stable-sec' into 3-0-stable

    * 3-0-stable-sec:
      Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
      predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
    tenderlove committed May 31, 2012
  3. bumping to 3.0.13

    tenderlove committed May 31, 2012
  4. updating CHANGELOGs

    tenderlove committed May 31, 2012
  5. Merge branch '3-0-stable-sec' into 3-0-rel

    * 3-0-stable-sec:
      Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
      predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
    tenderlove committed May 31, 2012
Commits on May 30, 2012
  1. Strip [nil] from parameters hash.

    Thanks to Ben Murphy for reporting this!
    
    CVE-2012-2660
    
    Conflicts:
    
    	actionpack/lib/action_dispatch/http/request.rb
    tenderlove committed May 30, 2012
  2. predicate builder should not recurse for determining where columns.

    Thanks to Ben Murphy for reporting this
    
    CVE-2012-2661
    tenderlove committed May 30, 2012
Commits on May 28, 2012
  1. bumping to 3.0.13.rc1

    tenderlove committed May 28, 2012
Commits on May 27, 2012
Commits on May 26, 2012
  1. Merge pull request #6495 from homakov/3-0-stable

    auto_link shouldn't always sanitize
    rafaelfranca committed May 26, 2012
  2. do not force sanitize and whitelist protocols for auto_link

    sanitize is not always required so we cannot make it. let's just
    whitelist protocols
    homakov committed May 26, 2012
Commits on May 25, 2012
  1. Merge pull request #6485 from homakov/3-0-stable

    auto_link sanitize output
    tenderlove committed May 25, 2012
  2. auto_link final sanitize

    homakov committed May 25, 2012
Commits on Apr 30, 2012
  1. Lock mocha gem to fix the build

    New versions of mocha don't allow nil.stubs
    pixeltrix committed Apr 30, 2012
  2. Merge pull request #5044 from dracco/3-0-stable

    Backport Bugfix: Stack Overflow (3-0-stable)
    wycats committed Apr 30, 2012
Commits on Mar 29, 2012
  1. Merge pull request #5659 from carlosantoniodasilva/fix-build-3-0

    Fix build for branch 3-0-stable - ARes and ordered hash keys
    jeremy committed Mar 29, 2012
  2. Merge pull request #5655 from yahonda/address_ora_00918_with_oracle_f…

    …or_3_0
    
    Address an error for test_has_many_through_polymorphic_has_one with Oracle
    spastorino committed Mar 29, 2012
  3. Address an error for test_has_many_through_polymorphic_has_one

    with Oracle for the 3-0-stable branch
    yahonda committed Mar 29, 2012
Commits on Mar 27, 2012
  1. Merge pull request #5613 from carlosantoniodasilva/fix-build-3-0-193

    Fix build for branch 3-0-stable - Ruby 1.9.3
    tenderlove committed Mar 27, 2012