aboutsummaryrefslogtreecommitdiffstats
path: root/activemodel
diff options
context:
space:
mode:
authorCarlos Antonio da Silva <carlosantoniodasilva@gmail.com>2013-02-11 23:41:17 -0200
committerCarlos Antonio da Silva <carlosantoniodasilva@gmail.com>2013-02-11 23:41:18 -0200
commitc0022f8d885d5cca8a7f7d3d64c60af1e04684ea (patch)
treed861fa0eb501e7a47e12eca3da76da470d53d181 /activemodel
parente0da95bd7e058d2b3199691484550b54c385d6ed (diff)
downloadrails-c0022f8d885d5cca8a7f7d3d64c60af1e04684ea.tar.gz
rails-c0022f8d885d5cca8a7f7d3d64c60af1e04684ea.tar.bz2
rails-c0022f8d885d5cca8a7f7d3d64c60af1e04684ea.zip
Add note about attr_protected fix in Active Model changelog [ci skip]
Diffstat (limited to 'activemodel')
-rw-r--r--activemodel/CHANGELOG.md5
1 files changed, 4 insertions, 1 deletions
diff --git a/activemodel/CHANGELOG.md b/activemodel/CHANGELOG.md
index 775bf344d4..73837e7de6 100644
--- a/activemodel/CHANGELOG.md
+++ b/activemodel/CHANGELOG.md
@@ -3,7 +3,10 @@
## Rails 3.2.12 (Fev 11, 2013) ##
-* No changes.
+* Fix issue with `attr_protected` where malformed input could circumvent protection.
+ CVE-2013-0276
+
+ *joerncheen*
## Rails 3.2.11 (Jan 8, 2013) ##