-
rails (2:4.2.6-1) unstable; urgency=medium
[ Antonio Terceiro ]
* New upstream release
* debian/clean: list files that are created when the tests run
* Drop 0003-Make-AR-SpawnMethods-merge-to-check-an-arg-is-a-Proc.patch,
applied upstream
[ Praveen Arimbrathodiyil ]
* Set minimum version of ruby-sprockets-rails (for sprockets version
incompatibility with ruby-sass-rails)
-- Antonio Terceiro <email address hidden> Sat, 09 Apr 2016 19:39:46 -0300
-
rails (2:4.2.5.2-2) unstable; urgency=medium
[ Cédric Boutillier ]
* Remove version in the gem2deb build-dependency
* Use https:// in Vcs-* fields
* Bump Standards-Version to 3.9.7 (no changes needed)
* Run wrap-and-sort on packaging files
[ Antonio Terceiro ]
* 0002-load_paths.rb-don-t-load-bundler.patch: don't load bundler when
running tests
* Run tests during build
- add all runtime dependencies as build dependencies as well
* Run unit tests also under autopkgtest
* Add 0003-Make-AR-SpawnMethods-merge-to-check-an-arg-is-a-Proc.patch to fix
ActiveRecord relations with Ruby 2.3
* 0004-ActiveRecord-skip-a-few-tests-that-are-broken-on-Deb.patch skip some
tests that are broken on Debian.
-- Antonio Terceiro <email address hidden> Fri, 04 Mar 2016 14:49:00 -0300
-
rails (2:4.2.5.1-1) unstable; urgency=high
* New upstream release. Includes fixes for the following several security
issues:
- [CVE-2015-7576] Timing attack vulnerability in basic authentication in
Action Controller.
- [CVE-2016-0751] Possible Object Leak and Denial of Service attack in
Action Pack
- [CVE-2015-7577] Nested attributes rejection proc bypass in Active Record.
- [CVE-2016-0752] Possible Information Leak Vulnerability in Action View
- [CVE-2016-0753] Possible Input Validation Circumvention in Active Model
- [CVE-2015-7581] Object leak vulnerability for wildcard controller routes
in Action Pack
-- Antonio Terceiro <email address hidden> Thu, 28 Jan 2016 10:56:35 -0200
-
rails (2:4.2.5-1) unstable; urgency=medium
* New upstream release
* Skip dependency resolution check during the build, because too many of the
dependencies of the binary packages depend on rails to build, so let's
avoid loops. The checks are still performed as part of autopkgtest tests,
anyway.
-- Antonio Terceiro <email address hidden> Mon, 14 Dec 2015 11:04:15 -0200
-
rails (2:4.2.4-2) unstable; urgency=medium
* Upload to unstable
-- Antonio Terceiro <email address hidden> Sat, 12 Dec 2015 16:24:01 -0200
-
rails (2:4.1.10-1) unstable; urgency=medium
* New upstream release; bug fixes only
* debian/copyright: fix mention to the license of
guides/assets/javascripts/jquery.min.js
* Drop transitional package ruby-activesupport-2.3; it was only needed for
upgrades from wheezy.
* Drop Breaks:/Replaces: relationships against packages provided by old
versioned source packages (e.g. *-2.3, *-3.2, *-4.0).
-- Antonio Terceiro <email address hidden> Sun, 24 May 2015 18:11:04 -0300
