Update CHANGELOGs for 6.0.0.beta3 release

author: John Hawthorn <john@hawthorn.email> 2019-03-22 13:13:01 -0700
committer: John Hawthorn <john@hawthorn.email> 2019-03-22 13:13:01 -0700
commit: 5c2d695993080f294c54353954254aa44c6da12c (patch)
tree: 46cd8fc5bcce6dbd66584c32c48b353b8d5b9149 /railties/CHANGELOG.md
parent: f40860800c231ecd1daef6cf6b5a8a8eda76478d (diff)
download: rails-5c2d695993080f294c54353954254aa44c6da12c.tar.gz
rails-5c2d695993080f294c54353954254aa44c6da12c.tar.bz2
rails-5c2d695993080f294c54353954254aa44c6da12c.zip
1 files changed, 11 insertions, 1 deletions
diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md
index 226b949b34..754f11212c 100644
--- a/railties/CHANGELOG.md
+++ b/railties/CHANGELOG.md
@@ -4,7 +4,17 @@
 
 ## Rails 6.0.0.beta3 (March 11, 2019) ##
 
-*   No changes.
+*   Generate random development secrets
+
+    A random development secret is now generated to tmp/development_secret.txt
+
+    This avoids an issue where development mode servers were vulnerable to
+    remote code execution.
+
+    Fixes CVE-2019-5420
+
+    *Eileen M. Uchitelle*, *Aaron Patterson*, *John Hawthorn*
+
 
 
 ## Rails 6.0.0.beta2 (February 25, 2019) ##
author	John Hawthorn <john@hawthorn.email>	2019-03-22 13:13:01 -0700
committer	John Hawthorn <john@hawthorn.email>	2019-03-22 13:13:01 -0700
commit	5c2d695993080f294c54353954254aa44c6da12c (patch)
tree	46cd8fc5bcce6dbd66584c32c48b353b8d5b9149 /railties/CHANGELOG.md
parent	f40860800c231ecd1daef6cf6b5a8a8eda76478d (diff)
download	rails-5c2d695993080f294c54353954254aa44c6da12c.tar.gz rails-5c2d695993080f294c54353954254aa44c6da12c.tar.bz2 rails-5c2d695993080f294c54353954254aa44c6da12c.zip