Hello community, here is the log from the commit of package rubygem-actionpack-2_3 for openSUSE:11.3 checked in at Wed Nov 9 17:10:20 CET 2011. -------- --- old-versions/11.3/UPDATES/all/rubygem-actionpack-2_3/rubygem-actionpack-2_3.changes 2011-06-08 12:14:51.000000000 +0200 +++ 11.3/rubygem-actionpack-2_3/rubygem-actionpack-2_3.changes 2011-11-04 17:14:54.000000000 +0100 @@ -1,0 +2,20 @@ +Wed Aug 17 12:02:42 UTC 2011 - mrueckert@suse.de + +- update to version 2.3.14 + - fix fixing strip tags vulnerability (bnc#712057) + - fixing response splitting problem (bnc#712058) + +------------------------------------------------------------------- +Mon Jun 20 16:27:43 UTC 2011 - mrueckert@suse.de + +- update to version 2.3.12 + - dont call destroy on a session if it doesnt respond to destroy + - fix session timeout handling +- additional changes from version 2.3.11: (bnc#668817) + - XSS Risk in mail_to :encode=>:javascript CVE-2011-0446 + - CSRF Bypass Risk CVE-2011-0447 + - Filter Problems on Case Insensitive Filesystems CVE-2011-0449 + - Potential SQL Injection with limit() CVE-2011-0448 +- dropping 2-3-combined.patch + +------------------------------------------------------------------- calling whatdependson for 11.3-i586 Old: ---- 2-3-combined.patch actionpack-2.3.8.gem New: ---- actionpack-2.3.14.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-actionpack-2_3.spec ++++++ --- /var/tmp/diff_new_pack.hqXOUW/_old 2011-11-09 17:09:27.000000000 +0100 +++ /var/tmp/diff_new_pack.hqXOUW/_new 2011-11-09 17:09:27.000000000 +0100 @@ -19,9 +19,10 @@ Name: rubygem-actionpack-2_3 -Version: 2.3.8 -Release: 2.<RELEASE2> +Version: 2.3.14 +Release: 0.<RELEASE2> %define mod_name actionpack +%define mod_full_name %{mod_name}-%{version} # Group: Development/Languages/Ruby License: MIT @@ -31,14 +32,15 @@ %rubygems_requires Provides: rubygem-%{mod_name} = %{version}-%{release} # +# activesupport = 2.3.14 BuildRequires: rubygem-activesupport-2_3 = %{version} Requires: rubygem-activesupport-2_3 = %{version} -BuildRequires: rubygem-rack >= 1.1.0 -Requires: rubygem-rack >= 1.1.0 +# rack ~> 1.1.0 +BuildRequires: rubygem-rack-1_1 >= 1.1.0 +Requires: rubygem-rack-1_1 >= 1.1.0 # Url: http://rubyforge.org/projects/actionpack -Source: %{mod_name}-%{version}.gem -Patch0: 2-3-combined.patch +Source: %{mod_full_name}.gem # Summary: Web-flow and rendering framework putting the VC in MVC @@ -53,9 +55,6 @@ %install %gem_install %{S:0} -pushd %{buildroot}%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_name}-%{version}/ - patch -p2 < %{P:0} -popd find %{buildroot}%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_name}-%{version}/ -name \*\~ -print -delete %clean @@ -63,9 +62,9 @@ %files %defattr(-,root,root,-) -%{_libdir}/ruby/gems/%{rb_ver}/cache/%{mod_name}-%{version}.gem -%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_name}-%{version}/ -%{_libdir}/ruby/gems/%{rb_ver}/specifications/%{mod_name}-%{version}.gemspec -%doc %{_libdir}/ruby/gems/%{rb_ver}/doc/%{mod_name}-%{version}/ +%{_libdir}/ruby/gems/%{rb_ver}/cache/%{mod_full_name}.gem +%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_full_name}/ +%{_libdir}/ruby/gems/%{rb_ver}/specifications/%{mod_full_name}.gemspec +%doc %{_libdir}/ruby/gems/%{rb_ver}/doc/%{mod_full_name}/ %changelog continue with "q"... Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org