Link [ pkgsrc | NetBSD | pkgsrc git mirror | PR fulltext-search | netbsd commit viewer ]


   
        usage: [branch:branch] [user:user] [path[@revision]] keyword [... [-excludekeyword [...]]] (e.g. branch:MAIN pkgtools/pkg)


[ 1 ]


switch to index mode

recent branches: MAIN (5h)  pkgsrc-2024Q1 (11d)  pkgsrc-2023Q4 (58d)  pkgsrc-2023Q2 (90d)  pkgsrc-2023Q3 (170d) 

2024-05-28 22:07:59 UTC Now

2021-02-11 14:30:08 UTC MAIN commitmail json YAML

pkgsrc/databases/ruby-activerecord60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activejob60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activemodel60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activestorage60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activesupport60/distinfo@1.7 / diff
pkgsrc/devel/ruby-railties60/distinfo@1.7 / diff
pkgsrc/lang/ruby/rails.mk@1.93 / diff
pkgsrc/mail/ruby-actionmailbox60/distinfo@1.7 / diff
pkgsrc/mail/ruby-actionmailer60/distinfo@1.7 / diff
pkgsrc/textproc/ruby-actiontext60/distinfo@1.7 / diff
pkgsrc/www/ruby-actioncable60/distinfo@1.7 / diff
pkgsrc/www/ruby-actionpack60/distinfo@1.7 / diff
pkgsrc/www/ruby-actionview60/distinfo@1.7 / diff
pkgsrc/www/ruby-rails60/distinfo@1.7 / diff

www/ruby-rails60: update to 6.0.3.5

databases/ruby-activerecord60:

## Rails 6.0.3.5 (February 10, 2021) ##

*  Fix possible DoS vector in PostgreSQL money type

    Carefully crafted input can cause a DoS via the regular expressions used
    for validating the money format in the PostgreSQL adapter.  This patch
    fixes the regexp.

    Thanks to @dee-see from Hackerone for this patch!

    [CVE-2021-22880]

    *Aaron Patterson*

www/ruby-actionpack60

## Rails 6.0.3.5 (February 10, 2021) ##

*  Prevent open redirect when allowed host starts with a dot

    [CVE-2021-22881]

    Thanks to @tktech (https://hackerone.com/tktech) for reporting this
    issue and the patch!

    *Aaron Patterson*

(taca)

[ 1 ]