Now
MAIN commitmail json YAML
pkgsrc/databases/ruby-activerecord60/distinfo@1.7
/
diff
pkgsrc/devel/ruby-activejob60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activemodel60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activestorage60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activesupport60/distinfo@1.7 / diff
pkgsrc/devel/ruby-railties60/distinfo@1.7 / diff
pkgsrc/lang/ruby/rails.mk@1.93 / diff
pkgsrc/mail/ruby-actionmailbox60/distinfo@1.7 / diff
pkgsrc/mail/ruby-actionmailer60/distinfo@1.7 / diff
pkgsrc/textproc/ruby-actiontext60/distinfo@1.7 / diff
pkgsrc/www/ruby-actioncable60/distinfo@1.7 / diff
pkgsrc/www/ruby-actionpack60/distinfo@1.7 / diff
pkgsrc/www/ruby-actionview60/distinfo@1.7 / diff
pkgsrc/www/ruby-rails60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activejob60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activemodel60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activestorage60/distinfo@1.7 / diff
pkgsrc/devel/ruby-activesupport60/distinfo@1.7 / diff
pkgsrc/devel/ruby-railties60/distinfo@1.7 / diff
pkgsrc/lang/ruby/rails.mk@1.93 / diff
pkgsrc/mail/ruby-actionmailbox60/distinfo@1.7 / diff
pkgsrc/mail/ruby-actionmailer60/distinfo@1.7 / diff
pkgsrc/textproc/ruby-actiontext60/distinfo@1.7 / diff
pkgsrc/www/ruby-actioncable60/distinfo@1.7 / diff
pkgsrc/www/ruby-actionpack60/distinfo@1.7 / diff
pkgsrc/www/ruby-actionview60/distinfo@1.7 / diff
pkgsrc/www/ruby-rails60/distinfo@1.7 / diff
www/ruby-rails60: update to 6.0.3.5
databases/ruby-activerecord60:
## Rails 6.0.3.5 (February 10, 2021) ##
* Fix possible DoS vector in PostgreSQL money type
Carefully crafted input can cause a DoS via the regular expressions used
for validating the money format in the PostgreSQL adapter. This patch
fixes the regexp.
Thanks to @dee-see from Hackerone for this patch!
[CVE-2021-22880]
*Aaron Patterson*
www/ruby-actionpack60
## Rails 6.0.3.5 (February 10, 2021) ##
* Prevent open redirect when allowed host starts with a dot
[CVE-2021-22881]
Thanks to @tktech (https://hackerone.com/tktech) for reporting this
issue and the patch!
*Aaron Patterson*
databases/ruby-activerecord60:
## Rails 6.0.3.5 (February 10, 2021) ##
* Fix possible DoS vector in PostgreSQL money type
Carefully crafted input can cause a DoS via the regular expressions used
for validating the money format in the PostgreSQL adapter. This patch
fixes the regexp.
Thanks to @dee-see from Hackerone for this patch!
[CVE-2021-22880]
*Aaron Patterson*
www/ruby-actionpack60
## Rails 6.0.3.5 (February 10, 2021) ##
* Prevent open redirect when allowed host starts with a dot
[CVE-2021-22881]
Thanks to @tktech (https://hackerone.com/tktech) for reporting this
issue and the patch!
*Aaron Patterson*