File rubygem-actionpack-4_1.changes of Package rubygem-actionpack-4_1

-------------------------------------------------------------------
Wed Jul 13 04:29:15 UTC 2016 - coolo@suse.com

- updated to version 4.1.16
 see installed CHANGELOG.md

  ## Rails 4.1.16 (July 12, 2016) ##
  
  *   No changes.

-------------------------------------------------------------------
Tue Mar  8 05:29:21 UTC 2016 - coolo@suse.com

- updated to version 4.1.15
 see installed CHANGELOG.md

  ## Rails 4.1.15 (March 07, 2016) ##
  
  *   No changes.

-------------------------------------------------------------------
Tue Mar  1 05:30:31 UTC 2016 - coolo@suse.com

- updated to version 4.1.14.2
 see installed CHANGELOG.md

  ## Rails 4.1.14.2 (February 26, 2016) ##
  
  *   Do not allow render with unpermitted parameter.
  
      Fixes CVE-2016-2098.
  
      *Arthur Neves*
  
  
  ## Rails 4.1.14.1 (January 25, 2015) ##
  
  *   No changes.

-------------------------------------------------------------------
Tue Jan 26 05:29:22 UTC 2016 - coolo@suse.com

- updated to version 4.1.14.1
 see installed CHANGELOG.md

-------------------------------------------------------------------
Fri Nov 13 05:28:51 UTC 2015 - coolo@suse.com

- updated to version 4.1.14
 see installed CHANGELOG.md

  ## Rails 4.1.14 (November 12, 2015) ##
  
  *   No changes.

-------------------------------------------------------------------
Tue Aug 25 04:29:03 UTC 2015 - coolo@suse.com

- updated to version 4.1.13
 see installed CHANGELOG.md

  ## Rails 4.1.13 (August 24, 2015) ##
  
  *   No changes.

-------------------------------------------------------------------
Fri Jun 26 04:29:18 UTC 2015 - coolo@suse.com

- updated to version 4.1.12
 see installed CHANGELOG.md

  ## Rails 4.1.12 (June 25, 2015) ##
  
  *   Fix handling of empty X_FORWARDED_HOST header in raw_host_with_port
  
      Previously, an empty X_FORWARDED_HOST header would cause
      Actiondispatch::Http:URL.raw_host_with_port to return nil, causing
      Actiondispatch::Http:URL.host to raise a NoMethodError.
  
      *Adam Forsyth*
  
  *   Fix regression in functional tests. Responses should have default headers
      assigned.
  
      See #18423.
  
      *Jeremy Kemper*, *Yves Senn*

-------------------------------------------------------------------
Wed Jun 17 04:29:45 UTC 2015 - coolo@suse.com

- updated to version 4.1.11
 see installed CHANGELOG.md

  ## Rails 4.1.11 (June 16, 2015) ##
  
  *   No changes.

-------------------------------------------------------------------
Sun Mar 22 09:05:18 UTC 2015 - coolo@suse.com

- updated to version 4.1.10
 *   Preserve default format when generating URLs
 
     Fixes an issue that would cause the format set in default_url_options to be
     lost when generating URLs with fewer positional arguments than parameters in
     the route definition.
 
     Backport of #18627
 
     *Tekin Suleyman*, *Dominic Baggott*
 
 *   Default headers, removed in controller actions, are no longer reapplied on
     the test response.
 
     *Jonas Baumann*
 
 *   Ensure `append_info_to_payload` is called even if an exception is raised.
 
     Fixes an issue where when an exception is raised in the request the additonal
     payload data is not available.
 
     See:
     * #14903
     * https://github.com/roidrage/lograge/issues/37
 
     *Dieter Komendera*, *Margus Pärt*

-------------------------------------------------------------------
Mon Jan 19 21:09:53 UTC 2015 - dmueller@suse.com

-  update to 4.1.9:
   * Fixed handling of positional url helper arguments when `format: false`.
   * Restore handling of a bare `Authorization` header, without `token=`
     prefix.
   * Fix regression where path was getting overwritten when route anchor was false, and X-Cascade pass
   * Fix a bug where malformed query strings lead to 500.
   * Fix arbitrary file existence disclosure in Action Pack (CVE-2014-7829)
   * Fix arbitrary file existence disclosure in Action Pack (CVE-2014-7818)

-------------------------------------------------------------------
Mon Nov 10 14:00:03 UTC 2014 - tboerger@suse.com

- To get rails 4 running on SLE 11 i have switched the
  rb_build_versions definition to rub21 as it is activated within
  devel:languages:ruby. That way we can get running rails 4 on
  SLE 11 too.

-------------------------------------------------------------------
Sun Oct 12 16:20:05 UTC 2014 - coolo@suse.com

- updated to version 4.1.6
 *   Prepend a JS comment to JSONP callbacks. Addresses CVE-2014-4671
     ("Rosetta Flash")
 *   Because URI paths may contain non US-ASCII characters we need to force
     the encoding of any unescaped URIs to UTF-8 if they are US-ASCII.
     This essentially replicates the functionality of the monkey patch to
     URI.parser.unescape in active_support/core_ext/uri.rb.
     Fixes #16104.
 *   Generate shallow paths for all children of shallow resources.
     Fixes #15783.
 *   JSONP responses are now rendered with the `text/javascript` content type
     when rendering through a `respond_to` block.
     Fixes #15081.
 *   Fix env['PATH_INFO'] missing leading slash when a rack app mounted at '/'.
     Fixes #15511.
 *   ActionController::Parameters#require now accepts `false` values.
     Fixes #15685.

-------------------------------------------------------------------
Wed Jul 23 13:26:43 UTC 2014 - mrueckert@suse.com

- - initial package