diff options
Diffstat (limited to 'actionpack')
-rw-r--r-- | actionpack/CHANGELOG.md | 8 | ||||
-rw-r--r-- | actionpack/lib/action_pack/version.rb | 2 |
2 files changed, 9 insertions, 1 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index ca2a14535c..ff72af724b 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,11 @@ +* Deep Munge the parameters for GET and POST Fixes CVE-2013-6417 + +* Stop using i18n's built in HTML error handling. Fixes: CVE-2013-4491 + +* Escape the unit value provided to number_to_currency Fixes CVE-2013-6415 + +* Only use valid mime type symbols as cache keys CVE-2013-6414 + ## Rails 3.2.15 (Oct 16, 2013) ## * Fix `ActionDispatch::RemoteIp::GetIp#calculate_ip` to only check for spoofing diff --git a/actionpack/lib/action_pack/version.rb b/actionpack/lib/action_pack/version.rb index dda9fd66d2..33d221e091 100644 --- a/actionpack/lib/action_pack/version.rb +++ b/actionpack/lib/action_pack/version.rb @@ -2,7 +2,7 @@ module ActionPack module VERSION #:nodoc: MAJOR = 3 MINOR = 2 - TINY = 15 + TINY = 16 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.') |