pkgsrc-changes: CVS commit: pkgsrc/www/rails

Subject: CVS commit: pkgsrc/www/rails
To: None <pkgsrc-changes@NetBSD.org>
From: Min Sik Kim <minskim@netbsd.org>
List: pkgsrc-changes
Date: 12/10/2007 05:24:01

Module Name:	pkgsrc
Committed By:	minskim
Date:		Mon Dec 10 05:24:01 UTC 2007

Modified Files:
	pkgsrc/www/rails: Makefile distinfo

Log Message:
Update rails to 1.2.6.  Based on the patch provided by Geert Hendrickx.

Changes:
* Fix :cookie_only to correctly avoid session fixation attacks (CVE-2007-6077)
* Fix regression where the association would not construct new finder
  SQL on sav e causing bogus queries for "WHERE owner_id = NULL" even
  after owner was saved.


To generate a diff of this commit:
cvs rdiff -r1.6 -r1.7 pkgsrc/www/rails/Makefile
cvs rdiff -r1.5 -r1.6 pkgsrc/www/rails/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.