Skip to content
This repository
tag: v3.0.16

Jul 26, 2012

  1. Aaron Patterson

    bumping to 3.0.16

    authored July 26, 2012
  2. Aaron Patterson

    updating release date

    authored July 26, 2012
  3. Aaron Patterson

    updating changelog with CVE

    authored July 26, 2012
  4. Aaron Patterson

    * Do not convert digest auth strings to symbols. CVE-2012-3424

    authored July 26, 2012

Jul 23, 2012

  1. Aaron Patterson

    updating changelogs

    authored July 23, 2012

Jun 13, 2012

  1. Aaron Patterson

    3.0.15

    authored June 12, 2012
  2. Aaron Patterson

    we haven't monkey patched the Result class, so use each

    authored June 12, 2012

Jun 12, 2012

  1. Aaron Patterson

    updating changelogs

    authored June 12, 2012

Jun 11, 2012

  1. Aaron Patterson

    bumping to 3.0.14

    authored June 11, 2012
  2. Aaron Patterson

    updating changelogs with security fixes

    authored June 11, 2012
  3. Aaron Patterson

    bumping versions in the CHANGELOG

    authored June 11, 2012
  4. Aaron Patterson

    Merge branch '3-0-stable-sec' into 3-0-stable-rel

    * 3-0-stable-sec:
      Array parameters should not contain nil values.
      Additional fix for CVE-2012-2661
    authored June 11, 2012
  5. Toshinori Kajihara

    Fix GH #3163. Should quote database on mysql/mysql2.

    Conflicts:
    
    	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb
    
    Conflicts:
    
    	activerecord/lib/active_record/connection_adapters/abstract_mysql_adapter.rb
    	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb
    
    Conflicts:
    
    	activerecord/lib/active_record/connection_adapters/mysql2_adapter.rb
    	activerecord/lib/active_record/connection_adapters/mysql_adapter.rb
    	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb
    	activerecord/test/cases/adapters/mysql2/schema_test.rb
    authored March 03, 2012 tenderlove committed June 11, 2012
  6. Aaron Patterson

    Array parameters should not contain nil values.

    authored June 10, 2012

Jun 08, 2012

  1. Ernie Miller

    Additional fix for CVE-2012-2661

    While the patched PredicateBuilder in 3.0.13 prevents a user
    from specifying a table name using the `table.column` format,
    it doesn't protect against the nesting of hashes changing the
    table context in the next call to build_from_hash. This fix
    covers this case as well.
    authored June 08, 2012 tenderlove committed June 08, 2012

May 31, 2012

  1. Aaron Patterson

    Merge branch '3-0-rel' into 3-0-stable

    * 3-0-rel:
      bumping to 3.0.13
      updating CHANGELOGs
      bumping to 3.0.13.rc1
    authored May 31, 2012
  2. Aaron Patterson

    Merge branch '3-0-stable-sec' into 3-0-stable

    * 3-0-stable-sec:
      Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
      predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
    authored May 31, 2012
  3. Aaron Patterson

    bumping to 3.0.13

    authored May 31, 2012
  4. Aaron Patterson

    updating CHANGELOGs

    authored May 31, 2012
  5. Aaron Patterson

    Merge branch '3-0-stable-sec' into 3-0-rel

    * 3-0-stable-sec:
      Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
      predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
    authored May 31, 2012

May 30, 2012

  1. Aaron Patterson

    Strip [nil] from parameters hash.

    Thanks to Ben Murphy for reporting this!
    
    CVE-2012-2660
    
    Conflicts:
    
    	actionpack/lib/action_dispatch/http/request.rb
    authored May 30, 2012
  2. Aaron Patterson

    predicate builder should not recurse for determining where columns.

    Thanks to Ben Murphy for reporting this
    
    CVE-2012-2661
    authored May 30, 2012

May 28, 2012

  1. Aaron Patterson

    bumping to 3.0.13.rc1

    authored May 28, 2012

May 27, 2012

  1. Rafael Mendonça França

    Remove test for not accepted protocols to auto_link

May 26, 2012

  1. Rafael Mendonça França

    Merge pull request #6495 from homakov/3-0-stable

    auto_link shouldn't always sanitize
  2. Egor Homakov

    do not force sanitize and whitelist protocols for auto_link

    sanitize is not always required so we cannot make it. let's just
    whitelist protocols
    authored May 26, 2012

May 25, 2012

  1. Aaron Patterson

    Merge pull request #6485 from homakov/3-0-stable

    auto_link sanitize output
    authored May 25, 2012
  2. Egor Homakov

    auto_link final sanitize

    authored May 25, 2012

Apr 30, 2012

  1. Andrew White

    Lock mocha gem to fix the build

    New versions of mocha don't allow nil.stubs
    authored April 30, 2012
  2. Yehuda Katz

    Merge pull request #5044 from dracco/3-0-stable

    Backport Bugfix: Stack Overflow (3-0-stable)
    authored April 30, 2012

Mar 29, 2012

  1. Jeremy Kemper

    Merge pull request #5659 from carlosantoniodasilva/fix-build-3-0

    Fix build for branch 3-0-stable - ARes and ordered hash keys
    authored March 29, 2012
  2. Carlos Antonio da Silva

    Fix failing ARes test due to hash keys ordering

  3. Santiago Pastorino

    Merge pull request #5655 from yahonda/address_ora_00918_with_oracle_f…

    …or_3_0
    
    Address an error for test_has_many_through_polymorphic_has_one with Oracle
    authored March 29, 2012
  4. Yasuo Honda

    Address an error for test_has_many_through_polymorphic_has_one

    with Oracle for the 3-0-stable branch
    authored March 29, 2012

Mar 27, 2012

  1. Aaron Patterson

    Merge pull request #5613 from carlosantoniodasilva/fix-build-3-0-193

    Fix build for branch 3-0-stable - Ruby 1.9.3
    authored March 27, 2012
Something went wrong with that request. Please try again.