diff options
author | Christian Johansen <christian@gitorious.com> | 2013-01-29 08:12:53 (GMT) |
---|---|---|
committer | Christian Johansen <christian@gitorious.com> | 2013-01-29 08:12:53 (GMT) |
commit | af84d8a3c3094871b1bbf61acd4ad3db8c8a0d26 (patch) | |
tree | cea703453994826e2ae81f827ce250bf2ee895de | |
parent | 7e2ef85be9f50608f6ecdcc7b3b3e0f0aaa45572 (diff) |
Upgrade to Rails 2.3.16
- Addresses critical security vulnerability in Rails
-rw-r--r-- | Gemfile | 12 | ||||
-rw-r--r-- | Gemfile.lock | 49 | ||||
-rw-r--r-- | config/environment.rb | 2 | ||||
-rw-r--r-- | test/unit/helpers/blobs_helper_test.rb | 2 |
4 files changed, 22 insertions, 43 deletions
@@ -1,16 +1,6 @@ source "http://rubygems.org" -# Last released version of Rails 2.3 is 2.3.15, which does not address -# all known security vulnerabilities. -git "git://github.com/rails/rails.git", :branch => "2-3-stable" do - gem "rails" - gem "actionmailer" - gem "actionpack" - gem "activerecord" - gem "activeresource" - gem "activesupport" -end - +gem "rails", "2.3.16" gem "chronic", "0.3.0" gem "geoip", "0.8.9" gem "daemons", "1.1.0", :require => false diff --git a/Gemfile.lock b/Gemfile.lock index 53fabd0..12f7e01 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,27 +1,4 @@ GIT - remote: git://github.com/rails/rails.git - revision: 3b75781d38260f5f4f2f0b944a79d16121d31342 - branch: 2-3-stable - specs: - actionmailer (2.3.15) - actionpack (= 2.3.15) - actionpack (2.3.15) - activesupport (= 2.3.15) - rack (~> 1.1.0) - activerecord (2.3.15) - activesupport (= 2.3.15) - activeresource (2.3.15) - activesupport (= 2.3.15) - activesupport (2.3.15) - rails (2.3.15) - actionmailer (= 2.3.15) - actionpack (= 2.3.15) - activerecord (= 2.3.15) - activeresource (= 2.3.15) - activesupport (= 2.3.15) - rake (>= 0.8.3) - -GIT remote: https://github.com/roman/rots.git revision: babb5559aae8914556da528147b6649b9c48f48c specs: @@ -31,12 +8,22 @@ GEM remote: http://rubygems.org/ specs: SystemTimer (1.2.3) + actionmailer (2.3.16) + actionpack (= 2.3.16) + actionpack (2.3.16) + activesupport (= 2.3.16) + rack (~> 1.1.0) activemessaging (0.7.1) activesupport (>= 1.0.0) + activerecord (2.3.16) + activesupport (= 2.3.16) activerecord-jdbc-adapter (1.2.2.1) activerecord-jdbcmysql-adapter (1.2.2.1) activerecord-jdbc-adapter (~> 1.2.2.1) jdbc-mysql (~> 5.1.0) + activeresource (2.3.16) + activesupport (= 2.3.16) + activesupport (2.3.16) acts-as-taggable-on (2.0.6) addressable (2.2.8) after_commit (1.0.10) @@ -103,9 +90,16 @@ GEM mime-types proxymachine (1.2.4) eventmachine (>= 0.12.10) - rack (1.1.4) + rack (1.1.5) rack-test (0.6.2) rack (>= 1.0) + rails (2.3.16) + actionmailer (= 2.3.16) + actionpack (= 2.3.16) + activerecord (= 2.3.16) + activeresource (= 2.3.16) + activesupport (= 2.3.16) + rake (>= 0.8.3) raindrops (0.10.0) rake (0.8.7) rdiscount (1.3.1.1) @@ -171,13 +165,8 @@ PLATFORMS DEPENDENCIES SystemTimer (= 1.2.3) - actionmailer! - actionpack! activemessaging (= 0.7.1) - activerecord! activerecord-jdbcmysql-adapter - activeresource! - activesupport! acts-as-taggable-on (= 2.0.6) builder (= 3.0.0) capillary (~> 1.0.1) @@ -203,7 +192,7 @@ DEPENDENCIES oauth (= 0.4.4) paperclip (~> 2.7.2) proxymachine (= 1.2.4) - rails! + rails (= 2.3.16) rake (= 0.8.7) rdiscount (= 1.3.1.1) resque (= 1.9.8) diff --git a/config/environment.rb b/config/environment.rb index bd06aaf..393eebc 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -4,7 +4,7 @@ # you don't control web/app server and can't set it the proper way # Specifies gem version of Rails to use when vendor/rails is not present -RAILS_GEM_VERSION = '2.3.15' unless defined? RAILS_GEM_VERSION +RAILS_GEM_VERSION = '2.3.16' unless defined? RAILS_GEM_VERSION # Bootstrap the Rails environment, frameworks, and default configuration require File.join(File.dirname(__FILE__), 'boot') diff --git a/test/unit/helpers/blobs_helper_test.rb b/test/unit/helpers/blobs_helper_test.rb index f90e12d..20fb57f 100644 --- a/test/unit/helpers/blobs_helper_test.rb +++ b/test/unit/helpers/blobs_helper_test.rb @@ -36,7 +36,7 @@ class BlobsHelperTest < ActionView::TestCase context "render_highlighted()" do should "html escape the line & add the proper class" do res = render_highlighted("puts '<foo>'", "foo.rb") - assert res.include?(%Q{<td class="code"><pre class="prettyprint lang-rb">puts '<foo>'</pre></td>}), res + assert res.include?(%Q{<td class="code"><pre class="prettyprint lang-rb">puts '<foo>'</pre></td>}), res end should "add line numbers" do |