[dradis-svn] SF.net SVN: dradis:[2090] server/trunk/Gemfile

[<et...@us...>]

Revision: 2090
          http://dradis.svn.sourceforge.net/dradis/?rev=2090&view=rev
Author:   etdsoft
Date:     2010-10-15 07:22:58 +0000 (Fri, 15 Oct 2010)

Log Message:
-----------

There was a vuln released yesterday affecting Rails 3.0.0. We need to upgrade to 3.0.1.

Forcing sqlite3-ruby to 1.2.5 will prevent bundler from installing a too new 
version of the gem that would require an SQLite installetion newer than the one
available in Debian stable.

References:
http://weblog.rubyonrails.org/2010/10/15/security-vulnerability-in-nested-attributes-code-in-ruby-on-rails-2-3-9-and-3-0-0

Modified Paths:
--------------
    server/trunk/Gemfile

Modified: server/trunk/Gemfile
===================================================================
--- server/trunk/Gemfile	2010-10-15 07:02:15 UTC (rev 2089)
+++ server/trunk/Gemfile	2010-10-15 07:22:58 UTC (rev 2090)
@@ -1,8 +1,8 @@
 source 'http://rubygems.org'
 
-gem 'rails', '3.0.0'
+gem 'rails', '3.0.1'
 
-gem 'sqlite3-ruby', :require => 'sqlite3'
+gem 'sqlite3-ruby', '1.2.5', :require => 'sqlite3'
 gem 'delayed_job'
 
 # We need to make an exception for Windows. Otherwise Bundler is going to try 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.