diff options
author | Aaron Patterson <aaron.patterson@gmail.com> | 2012-05-31 10:23:39 -0700 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2012-05-31 10:23:39 -0700 |
commit | 44aca7b29502995b3e2ed94f7288646f134ff612 (patch) | |
tree | e19a96ec4624baa32064ff1807a8ffe3a083b96e /actionpack | |
parent | 71827489e90f91da18ebac68c2d9e10379220a43 (diff) | |
download | rails-44aca7b29502995b3e2ed94f7288646f134ff612.tar.gz rails-44aca7b29502995b3e2ed94f7288646f134ff612.tar.bz2 rails-44aca7b29502995b3e2ed94f7288646f134ff612.zip |
adding security notifications to CHANGELOGs
Diffstat (limited to 'actionpack')
-rw-r--r-- | actionpack/CHANGELOG.md | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 1ec3a954fb..6f737001de 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -21,6 +21,9 @@ * Fix the redirect when it receive blocks with arity of 1. Closes #5677 +* Strip [nil] from parameters hash. Thanks to Ben Murphy for + reporting this! CVE-2012-2660 + ## Rails 3.2.3 (March 30, 2012) ## * Allow to lazy load `default_form_builder` by passing a `String` instead of a constant. *Piotr Sarnacki* |