[dradis-svn] SF.net SVN: dradis:[2090] server/trunk/Gemfile
Collaboration and reporting tool for InfoSec teams.
Brought to you by:
etdsoft
From: <et...@us...> - 2010-10-15 07:23:05
|
Revision: 2090 http://dradis.svn.sourceforge.net/dradis/?rev=2090&view=rev Author: etdsoft Date: 2010-10-15 07:22:58 +0000 (Fri, 15 Oct 2010) Log Message: ----------- There was a vuln released yesterday affecting Rails 3.0.0. We need to upgrade to 3.0.1. Forcing sqlite3-ruby to 1.2.5 will prevent bundler from installing a too new version of the gem that would require an SQLite installetion newer than the one available in Debian stable. References: http://weblog.rubyonrails.org/2010/10/15/security-vulnerability-in-nested-attributes-code-in-ruby-on-rails-2-3-9-and-3-0-0 Modified Paths: -------------- server/trunk/Gemfile Modified: server/trunk/Gemfile =================================================================== --- server/trunk/Gemfile 2010-10-15 07:02:15 UTC (rev 2089) +++ server/trunk/Gemfile 2010-10-15 07:22:58 UTC (rev 2090) @@ -1,8 +1,8 @@ source 'http://rubygems.org' -gem 'rails', '3.0.0' +gem 'rails', '3.0.1' -gem 'sqlite3-ruby', :require => 'sqlite3' +gem 'sqlite3-ruby', '1.2.5', :require => 'sqlite3' gem 'delayed_job' # We need to make an exception for Windows. Otherwise Bundler is going to try This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |