Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Forgot railties changelog

git-svn-id: http://svn-commit.rubyonrails.org/rails/branches/1-2-stable@8196 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
  • Loading branch information...
commit 9c190098e0f80cf2638223142f335ffb25212b86 1 parent d421bb9
@NZKoz NZKoz authored
Showing with 6 additions and 0 deletions.
  1. +6 −0 railties/CHANGELOG
View
6 railties/CHANGELOG
@@ -1,3 +1,9 @@
+*1.2.6* (November 24th, 2007)
+
+* Fix :cookie_only to correctly avoid session fixation attacks (CVE-2007-6077)
+
+* Fix regression where the association would not construct new finder SQL on save causing bogus queries for "WHERE owner_id = NULL" even after owner was saved.
+
*1.2.5* (October 12th, 2007)
* Correct RAILS_GEM_VERSION regexp. Use =version gem requirement instead of ~>version so you don't get surprised by a beta gem in production. This change means upgrading to 1.2.5 will require a boot.rb upgrade. [Jeremy Kemper]
Please sign in to comment.
Something went wrong with that request. Please try again.