aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/CHANGELOG.md
diff options
context:
space:
mode:
authorAaron Patterson <aaron.patterson@gmail.com>2013-01-08 11:37:48 -0800
committerAaron Patterson <aaron.patterson@gmail.com>2013-01-08 11:37:48 -0800
commit48810a52dfba26cef127168af447a9620d4555c3 (patch)
tree5df95d8adbfcade0f7fedcc06e8e4fe1cdab6580 /actionpack/CHANGELOG.md
parentf64be7d0d825828098617e6b7c2645dda72d4c18 (diff)
parent746dbd89faf8197e6d6f35f6e428a024923116a2 (diff)
downloadrails-48810a52dfba26cef127168af447a9620d4555c3.tar.gz
rails-48810a52dfba26cef127168af447a9620d4555c3.tar.bz2
rails-48810a52dfba26cef127168af447a9620d4555c3.zip
Merge branch '3-2-sec' into 3-2-secmerge
* 3-2-sec: bumping version CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu Avoid Rack security warning no secret provided Conflicts: actionpack/CHANGELOG.md activerecord/CHANGELOG.md activesupport/CHANGELOG.md
Diffstat (limited to 'actionpack/CHANGELOG.md')
-rw-r--r--actionpack/CHANGELOG.md7
1 files changed, 5 insertions, 2 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 390bc39ba4..4e2f409eac 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,4 +1,4 @@
-## Rails 3.2.11 (unreleased) ##
+## Rails 3.2.12 (unreleased) ##
* Bump `rack` dependency to 1.4.3, eliminate `Rack::File` headers deprecation warning.
@@ -93,11 +93,14 @@
*Daniel Fox, Grant Hutchins & Trace Wax*
+## Rails 3.2.11 ##
+
+* Strip nils from collections on JSON and XML posts. [CVE-2013-0155]
+
## Rails 3.2.10 (Jan 2, 2013) ##
* No changes.
-
## Rails 3.2.9 (Nov 12, 2012) ##
* Clear url helpers when reloading routes.
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-28 21:40:18 +0000