* Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu

author: Aaron Patterson <aaron.patterson@gmail.com> 2013-01-04 12:02:22 -0800
committer: Aaron Patterson <aaron.patterson@gmail.com> 2013-01-08 09:08:26 -0800
commit: d5cd97baa44fa66dc681041a213092b45c57c32f (patch)
tree: f5817abd953a86aceb4710f93337405db1306ae1 /activerecord/CHANGELOG.md
parent: 95fe9ef945a35f56fa1c3ef356aec4a3b868937c (diff)
download: rails-d5cd97baa44fa66dc681041a213092b45c57c32f.tar.gz
rails-d5cd97baa44fa66dc681041a213092b45c57c32f.tar.bz2
rails-d5cd97baa44fa66dc681041a213092b45c57c32f.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/activerecord/CHANGELOG.md b/activerecord/CHANGELOG.md
index bd8a0bc039..6be0c273c8 100644
--- a/activerecord/CHANGELOG.md
+++ b/activerecord/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Rails 3.2.11 ##
+
+*   Fix querying with an empty hash *Damien Mathieu* [CVE-2013-0155]
+
 ## Rails 3.2.10 ##
 
 *   CVE-2012-5664 options hashes should only be extracted if there are extra
author	Aaron Patterson <aaron.patterson@gmail.com>	2013-01-04 12:02:22 -0800
committer	Aaron Patterson <aaron.patterson@gmail.com>	2013-01-08 09:08:26 -0800
commit	d5cd97baa44fa66dc681041a213092b45c57c32f (patch)
tree	f5817abd953a86aceb4710f93337405db1306ae1 /activerecord/CHANGELOG.md
parent	95fe9ef945a35f56fa1c3ef356aec4a3b868937c (diff)
download	rails-d5cd97baa44fa66dc681041a213092b45c57c32f.tar.gz rails-d5cd97baa44fa66dc681041a213092b45c57c32f.tar.bz2 rails-d5cd97baa44fa66dc681041a213092b45c57c32f.zip