From c0022f8d885d5cca8a7f7d3d64c60af1e04684ea Mon Sep 17 00:00:00 2001 From: Carlos Antonio da Silva Date: Mon, 11 Feb 2013 23:41:17 -0200 Subject: Add note about attr_protected fix in Active Model changelog [ci skip] --- activemodel/CHANGELOG.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'activemodel') diff --git a/activemodel/CHANGELOG.md b/activemodel/CHANGELOG.md index 775bf344d4..73837e7de6 100644 --- a/activemodel/CHANGELOG.md +++ b/activemodel/CHANGELOG.md @@ -3,7 +3,10 @@ ## Rails 3.2.12 (Fev 11, 2013) ## -* No changes. +* Fix issue with `attr_protected` where malformed input could circumvent protection. + CVE-2013-0276 + + *joerncheen* ## Rails 3.2.11 (Jan 8, 2013) ## -- cgit v1.2.3