Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

We’re showing branches in this repository, but you can also compare across forks.

base fork: rails/rails
...
head fork: rails/rails
  • 5 commits
  • 17 files changed
  • 0 commit comments
  • 1 contributor
2  RAILS_VERSION
View
@@ -1 +1 @@
-3.0.15
+3.0.16
4 actionmailer/CHANGELOG
View
@@ -1,3 +1,7 @@
+## Rails 3.0.16 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.0.14 (Jun 12, 2012)
* No changes.
2  actionmailer/lib/action_mailer/version.rb
View
@@ -2,7 +2,7 @@ module ActionMailer
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 15
+ TINY = 16
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
4 actionpack/CHANGELOG
View
@@ -1,3 +1,7 @@
+## Rails 3.0.16 (Jul 26, 2012)
+
+* Do not convert digest auth strings to symbols. CVE-2012-3424
+
## Rails 3.0.14 (Jun 12, 2012)
* nil is removed from array parameter values
4 actionpack/lib/action_controller/metal/http_authentication.rb
View
@@ -217,9 +217,9 @@ def decode_credentials_header(request)
end
def decode_credentials(header)
- Hash[header.to_s.gsub(/^Digest\s+/,'').split(',').map do |pair|
+ HashWithIndifferentAccess[header.to_s.gsub(/^Digest\s+/,'').split(',').map do |pair|
key, value = pair.split('=', 2)
- [key.strip.to_sym, value.to_s.gsub(/^"|"$/,'').gsub(/'/, '')]
+ [key.strip, value.to_s.gsub(/^"|"$/,'').delete('\'')]
end]
end
2  actionpack/lib/action_pack/version.rb
View
@@ -2,7 +2,7 @@ module ActionPack
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 15
+ TINY = 16
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
4 activemodel/CHANGELOG
View
@@ -1,3 +1,7 @@
+## Rails 3.0.16 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.0.14 (Jun 12, 2012)
* No changes.
2  activemodel/lib/active_model/version.rb
View
@@ -2,7 +2,7 @@ module ActiveModel
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 15
+ TINY = 16
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
4 activerecord/CHANGELOG
View
@@ -1,3 +1,7 @@
+## Rails 3.0.16 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.0.14 (Jun 12, 2012)
* protect against the nesting of hashes changing the
2  activerecord/lib/active_record/version.rb
View
@@ -2,7 +2,7 @@ module ActiveRecord
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 15
+ TINY = 16
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
4 activeresource/CHANGELOG
View
@@ -1,3 +1,7 @@
+## Rails 3.0.16 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.0.14 (Jun 12, 2012)
* No changes.
2  activeresource/lib/active_resource/version.rb
View
@@ -2,7 +2,7 @@ module ActiveResource
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 15
+ TINY = 16
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
4 activesupport/CHANGELOG
View
@@ -1,3 +1,7 @@
+## Rails 3.0.16 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.0.14 (Jun 12, 2012)
* No changes.
2  activesupport/lib/active_support/version.rb
View
@@ -2,7 +2,7 @@ module ActiveSupport
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 15
+ TINY = 16
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
4 railties/CHANGELOG
View
@@ -1,3 +1,7 @@
+## Rails 3.0.16 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.0.14 (Jun 12, 2012)
* No changes.
2  railties/lib/rails/version.rb
View
@@ -2,7 +2,7 @@ module Rails
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 15
+ TINY = 16
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
2  version.rb
View
@@ -2,7 +2,7 @@ module Rails
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 15
+ TINY = 16
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')

No commit comments for this range

Something went wrong with that request. Please try again.