activesupport 2.0.4 → 2.0.5
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of activesupport might be problematic. Click here for more details.
- data/CHANGELOG +5 -0
- data/lib/active_support/core_ext/rexml.rb +5 -2
- data/lib/active_support/version.rb +1 -1
- metadata +2 -2
data/CHANGELOG
CHANGED
|
@@ -5,7 +5,8 @@ require 'rexml/entity'
|
|
|
5
5
|
# http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/
|
|
6
6
|
# This fix is identical to rexml-expansion-fix version 1.0.1
|
|
7
7
|
|
|
8
|
-
|
|
8
|
+
# Earlier versions of rexml defined REXML::Version, newer ones REXML::VERSION
|
|
9
|
+
unless (defined?(REXML::VERSION) ? REXML::VERSION : REXML::Version) > "3.1.7.2"
|
|
9
10
|
module REXML
|
|
10
11
|
class Entity < Child
|
|
11
12
|
undef_method :unnormalized
|
|
@@ -17,7 +18,9 @@ unless REXML::VERSION > "3.1.7.2"
|
|
|
17
18
|
@unnormalized
|
|
18
19
|
end
|
|
19
20
|
end
|
|
21
|
+
|
|
20
22
|
class Document < Element
|
|
23
|
+
|
|
21
24
|
@@entity_expansion_limit = 10_000
|
|
22
25
|
def self.entity_expansion_limit= val
|
|
23
26
|
@@entity_expansion_limit = val
|
|
@@ -32,4 +35,4 @@ unless REXML::VERSION > "3.1.7.2"
|
|
|
32
35
|
end
|
|
33
36
|
end
|
|
34
37
|
end
|
|
35
|
-
end
|
|
38
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: activesupport
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Heinemeier Hansson
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2008-
|
|
12
|
+
date: 2008-10-19 00:00:00 +02:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies: []
|
|
15
15
|
|