diff options
Diffstat (limited to 'activerecord/CHANGELOG.md')
| -rw-r--r-- | activerecord/CHANGELOG.md | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/activerecord/CHANGELOG.md b/activerecord/CHANGELOG.md index 6be0c273c8..93c5aba851 100644 --- a/activerecord/CHANGELOG.md +++ b/activerecord/CHANGELOG.md @@ -1,4 +1,16 @@ -## Rails 3.2.11 ## +## Rails 3.2.12 (unreleased) ## + +* Quote numeric values being compared to non-numeric columns. Otherwise, + in some database, the string column values will be coerced to a numeric + allowing 0, 0.0 or false to match any string starting with a non-digit. + + Example: + + App.where(apikey: 0) # => SELECT * FROM users WHERE apikey = '0' + + *Dylan Smith* + +## Rails 3.2.11 (Jan 8, 2013) ## * Fix querying with an empty hash *Damien Mathieu* [CVE-2013-0155] |