Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11]) by www.NetBSD.org (Postfix) with ESMTP id CCF2863C1D9 for ; Wed, 6 Apr 2011 13:26:07 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id A18EE19CEE3; Wed, 6 Apr 2011 13:26:07 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 266CF19CED9 for ; Wed, 6 Apr 2011 13:26:05 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id 4OszIBhxABTO for ; Wed, 6 Apr 2011 13:26:04 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 5732919CEC1 for ; Wed, 6 Apr 2011 13:26:04 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 45C18175DD; Wed, 6 Apr 2011 13:26:04 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Date: Wed, 6 Apr 2011 13:26:04 +0000 From: "Takahiro Kambe" Subject: CVS commit: pkgsrc/www/ruby-actionpack3 To: pkgsrc-changes@NetBSD.org Reply-To: taca@netbsd.org X-Mailer: log_accum Message-Id: <20110406132604.45C18175DD@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: taca Date: Wed Apr 6 13:26:04 UTC 2011 Modified Files: pkgsrc/www/ruby-actionpack3: distinfo pkgsrc/www/ruby-actionpack3/patches: patch-.._actionpack.gemspec Log Message: Update ruby-actionpack3 pacakge to 3.0.6. *Rails 3.0.6 (April 5, 2011) * Fixed XSS vulnerability in `auto_link`. `auto_link` no longer marks input as html safe. Please make sure that calls to auto_link() are wrapped in a sanitize(), or a raw() depending on the type of input passed to auto_link(). For example: <%= sanitize(auto_link(some_user_input)) %> Thanks to Torben Schulz for reporting this. The fix can be found here: 61ee3449674c591747db95f9b3472c5c3bd9e84d * Fixes the output of `rake routes` to be correctly match to the behavior of the application, as the regular expression used to match the path is greedy and won't capture the format part by default [Prem Sichanugrist] * Fixes an issue with number_to_human when converting values which are less than 1 but greater than -1 [Josh Kalderimis] * Sensitive query string parameters (specified in config.filter_parameters) will now be filtered out from the request paths in the log file. [Prem Sichanugrist, fxn] * URL parameters which return nil for to_param are now removed from the query string [Andrew White] * Don't allow i18n to change the minor version, version now set to ~> 0.5.0 [Santiago Pastorino] * Make TranslationHelper#translate use the :rescue_format option in I18n 0.5.0 [Sven Fuchs] * Fix regression: javascript_include_tag shouldn't raise if you register an expansion key with nil or [] value [Santiago Pastorino] * Fix Action caching bug where an action that has a non-cacheable response always renders a nil response body. It now correctly renders the response body. [Cheah Chu Yeow] To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/ruby-actionpack3/distinfo cvs rdiff -u -r1.1 -r1.2 \ pkgsrc/www/ruby-actionpack3/patches/patch-.._actionpack.gemspec Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.