Validations · f2ce9fa17fbf2edd29bb9e78ffca3b8dd50c5529 · facil / parlote-facil

fév. 11, 2013

* Fix CVE-2013-0269 by updating the gems json to 1.7.7 and multi\_json to... · f2ce9fa1

Jonne Haß a rédigé 12 years ago

* Fix CVE-2013-0269 by updating the gems json to 1.7.7 and multi\_json to 1.5.1. [Read more](https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_YvCpLzL58)
* Additionally ensure can't affect us by bumping Rails to 3.2.12. [Read more](https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/AFBKNY7VSH8)
* And exclude CVE-2013-0262 and CVE-2013-0263 by updating rack to 1.4.5.

f2ce9fa1

fév. 01, 2013
- Merge branch 'hotfix/0.0.2.4' · dfbb6fa3
  Jonne Haß a rédigé 12 years ago
  
  dfbb6fa3
- Fix XSS vulnerabilities caused by not escaping a users name fields when loading it from JSON. #3948 · 7134513b
  Jonne Haß a rédigé 12 years ago
  
  From a quick look at the for us available databases this was not actually used in the wild.
  7134513b
jan. 28, 2013
- Merge branch 'hotfix/0.0.2.3' · 7f865e73
  Jonne Haß a rédigé 12 years ago
  
  7f865e73
- Update Devise to 2.1.3 · 8a8ee42e
  Jonne Haß a rédigé 12 years ago
  
  http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/
  8a8ee42e
jan. 08, 2013
- Merge branch 'hotfix/0.0.2.2' · eedf32ed
  Jonne Haß a rédigé 12 years ago
  
  eedf32ed
- bump Rails to 3.2.11 · b320e502
  Florian Staudacher a rédigé 12 years ago
  
  see: http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/
  b320e502
jan. 02, 2013
- Merge branch 'hotfix/0.0.2.1' · 947127be
  Jonne Haß a rédigé 12 years ago
  
  947127be
- Bump to Rails 3.2.10 as per CVE-2012-5664 · 11f82c79
  Jonne Haß a rédigé 12 years ago
  
  https://groups.google.com/group/rubyonrails-security/browse_thread/thread/c2353369fea8c53
  11f82c79
nov. 20, 2012
- Merge branch 'release/0.0.2.0' · eea59b09
  Florian Staudacher a rédigé 12 years ago
  
  Conflicts: Changelog.md config/defaults.yml
  eea59b09
- changelog update before release · 42f47626
  Florian Staudacher a rédigé 12 years ago
  
  42f47626
- Merge pull request #3739 from davecocoa/feature/3534-add-x-frame-header · 742d320c
  Florian Staudacher a rédigé 12 years ago
  
  add x-frame headers
  742d320c
- updated 78 locale files [ci skip] · 1af49a04
  Jonne Haß a rédigé 12 years ago
  
  1af49a04
nov. 19, 2012
- Merge pull request #3727 from jaywink/feature/2321-fix-message-notifications · a5050273
  Sean Tilley a rédigé 12 years ago
  
  Fix notifications for private messages between local users, fixes #2321
  a5050273
nov. 18, 2012
- get rid of string concat of translatable strings in getting started · e9bccb8a
  Jonne Haß a rédigé 12 years ago
  
  e9bccb8a
- add x-frame headers · 9678a1d4
  David McMullin a rédigé 12 years ago
  
  9678a1d4
nov. 16, 2012
- don't let the install script run as root user · 9723c4ab
  Florian Staudacher a rédigé 12 years ago
  
  9723c4ab
nov. 15, 2012
- Merge pull request #3733 from marpo60/3682-fix-padlock-images · 5066db99
  Florian Staudacher a rédigé 12 years ago
  
  3682 fix padlock images
  5066db99
- update changelog · f3134206
  Fabián Rodríguez a rédigé 12 years ago
  
  f3134206
- fix 3682, use correct image path for padlocks · f590abb3
  Fabián Rodríguez a rédigé 12 years ago
  
  f590abb3
nov. 14, 2012
- Really remove Devises timeoutable... · ae532542
  Dennis Schubert a rédigé 12 years ago
  
  ... and force it to really remember the session by a hidden field.
  ae532542
- add rb-fsevent to the Gemfile for our OS X devs · 70b0c9e2
  Jonne Haß a rédigé 12 years ago
  
  70b0c9e2
nov. 12, 2012
- Fix message_spec test and add tests for private message notification unread count. Update changelog · c4376361
  Jason Robinson a rédigé 12 years ago
  
  c4376361
nov. 11, 2012
- Fix notifications for private messages between local users, fixes #2321 · 6cf6f1dd
  Jason Robinson a rédigé 12 years ago
  
  6cf6f1dd
- Merge pull request #3726 from movilla/css_people_inv · 7517c29e
  Jonne Haß a rédigé 12 years ago
  
  fix css error with intivation people block in search results
  7517c29e
- fix css error with intivation people block in search results · 764aa579
  movilla a rédigé 12 years ago
  
  764aa579
- Merge branch 'notifications_count' of git://github.com/movilla/diaspora into develop · 63f2d335
  Jonne Haß a rédigé 12 years ago
  
  63f2d335
- Web mobile notificacions count dont change to unread-read when click in link post · 554fe402
  movilla a rédigé 12 years ago
  
  554fe402
- update changelog for gem updates [ci skip] · 6056572b
  Jonne Haß a rédigé 12 years ago
  
  6056572b
- Merge pull request #3612 from diaspora/update_gems · e7be5d2f
  Jonne Haß a rédigé 12 years ago
  
  Update gems
  e7be5d2f
- bump selenium-webdriver · 0b206534
  Jonne Haß a rédigé 12 years ago
  
  0b206534
- bump gon · f6d352bc
  Jonne Haß a rédigé 12 years ago
  
  f6d352bc
- bump faraday_middleware · c4d5597f
  Jonne Haß a rédigé 12 years ago
  
  c4d5597f
- bump coffee-script-source · 8e2d509f
  Jonne Haß a rédigé 12 years ago
  
  8e2d509f
- bump carrierwave · 4fc2cb1c
  Jonne Haß a rédigé 12 years ago
  
  4fc2cb1c
- bump capybara · f2f741a5
  Jonne Haß a rédigé 12 years ago
  
  f2f741a5
- bump formatador · 74ecdeb3
  Jonne Haß a rédigé 12 years ago
  
  74ecdeb3
- bump tzinfo · 04aee6a6
  Jonne Haß a rédigé 12 years ago
  
  04aee6a6
- bump twitter · f4d63c6d
  Jonne Haß a rédigé 12 years ago
  
  f4d63c6d
- bump rails-i18n · 03f5cfcc
  Jonne Haß a rédigé 12 years ago
  
  03f5cfcc