Now
MAIN commitmail json YAML
Note update of ruby-actionpack32 to 3.2.22.1.
* Use secure string comparisons for basic auth username / password.
(CVE-2015-7576)
* Stop caching mime types globally. (CVE-2016-0751)
* Don't short-circuit reject_if proc. (CVE-2015-7577)
* Allow :file to be outside rails root, but anything else must be inside
the rails view directory. (CVE-2016-0752)
* Use secure string comparisons for basic auth username / password.
(CVE-2015-7576)
* Stop caching mime types globally. (CVE-2016-0751)
* Don't short-circuit reject_if proc. (CVE-2015-7577)
* Allow :file to be outside rails root, but anything else must be inside
the rails view directory. (CVE-2016-0752)