diff options
Diffstat (limited to 'actionpack/CHANGELOG.md')
-rw-r--r-- | actionpack/CHANGELOG.md | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 75d9b557f2..d696656521 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,9 @@ +* Converts hashes in arrays of unfiltered params to unpermitted params. + + Fixes #13382 + + *Xavier Noria* + * New config option to opt out of params "deep munging" that was used to address security vulnerability CVE-2013-0155. In your app config: |