aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAaron Patterson <aaron.patterson@gmail.com>2012-07-26 13:30:25 -0700
committerAaron Patterson <aaron.patterson@gmail.com>2012-07-26 13:30:25 -0700
commitfb89f6f076152a0b6a05e1ac16c0c06368803f2a (patch)
treea058304d1473f91f4b1ad6d1eb6becbf2ff9e551
parent27311fef5efa598f281649074255834546d2b4ec (diff)
downloadrails-fb89f6f076152a0b6a05e1ac16c0c06368803f2a.tar.gz
rails-fb89f6f076152a0b6a05e1ac16c0c06368803f2a.tar.bz2
rails-fb89f6f076152a0b6a05e1ac16c0c06368803f2a.zip
updating the changelog
-rw-r--r--actionpack/CHANGELOG.md2
1 files changed, 2 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 770576f826..1f17e9a08c 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,5 +1,7 @@
## Rails 3.2.7 (unreleased) ##
+* Do not convert digest auth strings to symbols. CVE-2012-3424
+
* Bump Journey requirements to 1.0.4
* Add support for optional root segments containing slashes