Change behaviour with empty array in where clause

author: robertomiranda <rjmaltamar@gmail.com> 2013-02-06 09:10:02 -0500
committer: robertomiranda <rjmaltamar@gmail.com> 2013-02-08 06:37:30 -0500
commit: 16f6f2592e4e6c22f06d75eb8a6ec0cb68c9404b (patch)
tree: 91d115ad295551d0f6e75c08047ccdbe01e6f59b /activerecord/CHANGELOG.md
parent: bcf0e08a8df372ef1be376587e5bc206c740e5ef (diff)
download: rails-16f6f2592e4e6c22f06d75eb8a6ec0cb68c9404b.tar.gz
rails-16f6f2592e4e6c22f06d75eb8a6ec0cb68c9404b.tar.bz2
rails-16f6f2592e4e6c22f06d75eb8a6ec0cb68c9404b.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/activerecord/CHANGELOG.md b/activerecord/CHANGELOG.md
index 573b7512a9..c0bef5fb46 100644
--- a/activerecord/CHANGELOG.md
+++ b/activerecord/CHANGELOG.md
@@ -1,5 +1,10 @@
 ## Rails 4.0.0 (unreleased) ##
 
+*   Change behaviour with empty array in where clause,
+    the SQL generated when  when were passed an empty array was insecure in some cases
+
+    Roberto Miranda
+
 *   Raise ArgumentError instead of generate invalid SQL when empty hash is used in where clause value
 
     Roberto Miranda
author	robertomiranda <rjmaltamar@gmail.com>	2013-02-06 09:10:02 -0500
committer	robertomiranda <rjmaltamar@gmail.com>	2013-02-08 06:37:30 -0500
commit	16f6f2592e4e6c22f06d75eb8a6ec0cb68c9404b (patch)
tree	91d115ad295551d0f6e75c08047ccdbe01e6f59b /activerecord/CHANGELOG.md
parent	bcf0e08a8df372ef1be376587e5bc206c740e5ef (diff)
download	rails-16f6f2592e4e6c22f06d75eb8a6ec0cb68c9404b.tar.gz rails-16f6f2592e4e6c22f06d75eb8a6ec0cb68c9404b.tar.bz2 rails-16f6f2592e4e6c22f06d75eb8a6ec0cb68c9404b.zip