From 5c077abb0eac32f19161f1088f13c4b3569f856a 2013-01-20 11:48:54 From: Toshi MARUYAMA Date: 2013-01-20 11:48:54 Subject: [PATCH] 1.4-stable: add a link to a mail posted on 14 Jan 2013 about Rails 2.3 CVE-2013-0155 git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/branches/1.4-stable@11208 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/config/initializers/10-patches.rb b/config/initializers/10-patches.rb index 6643ca9..0dfc37c 100644 --- a/config/initializers/10-patches.rb +++ b/config/initializers/10-patches.rb @@ -117,7 +117,9 @@ module ActionController end # Fix for CVE-2013-0155 +# https://groups.google.com/d/msg/rubyonrails-security/c7jT-EeN9eI/L0u4e87zYGMJ # https://groups.google.com/d/msg/rubyonrails-security/kKGNeMrnmiY/r2yM7xy-G48J +# https://github.com/rails/rails/blob/v2.3.15/activerecord/lib/active_record/base.rb#L2340 module ActiveRecord class Base class << self