activesupport 6.1.7.2 → 6.1.7.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of activesupport might be problematic. Click here for more details.

Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +7 -0
  3. data/lib/active_support/core_ext/string/output_safety.rb +4 -0
  4. data/lib/active_support/gem_version.rb +1 -1
  5. metadata +5 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 28ca70c38f67026955b1161ed6b18e7baa7764f972a65fcfb98045d92ae36b21
4
- data.tar.gz: a3338be243c6e5ba5c90cafd07b33d964ab0a07b1501555c21385827bedd1f2c
3
+ metadata.gz: '08925ee6844118b92f0574ccff73c19cb3cb114f9666a0f0a49d5c33a313fcf3'
4
+ data.tar.gz: e2e43e6cc370cfc52567071f0d53bc00e39767987530f64b5a32ec03016eceda
5
5
  SHA512:
6
- metadata.gz: f3ecf8f53514da55a4de9fdbd5acca109477ad01fdc8d19de3b90a7488a0799d22edba09f6aaaf70e85e8900235d1545d41c3adeb183186271e2d9195f5056e7
7
- data.tar.gz: ad99b075680358ff999d6a7483b17960248934075dd8b11da56b7f35e9a6f94a013f2cdf60c380e952b5a6c440008065dae8b10cd28180e517340d43667c7964
6
+ metadata.gz: 3ec45336e7d88f27c3737279c6bad52cc313208205e937bdd3df72c269106ed6064be74e36fb925826856f8558aeb4e7bc3c9ff9076d11032f060ecd51d8083b
7
+ data.tar.gz: f356a689c99bccfe6aad84c76497a6e19e2ea2f415a91dd96c7095f962c3cc2cda87278364fd2b7d06450b4bbd503d9628772878afa311934ff6a771287eedca
data/CHANGELOG.md CHANGED
@@ -1,3 +1,10 @@
1
+ ## Rails 6.1.7.3 (March 13, 2023) ##
2
+
3
+ * Implement SafeBuffer#bytesplice
4
+
5
+ [CVE-2023-28120]
6
+
7
+
1
8
  ## Rails 6.1.7.2 (January 24, 2023) ##
2
9
 
3
10
  * No changes.
data/lib/active_support/core_ext/string/output_safety.rb CHANGED
@@ -216,6 +216,10 @@ module ActiveSupport #:nodoc:
216
216
  end
217
217
  alias << concat
218
218
 
219
+ def bytesplice(*args, value)
220
+ super(*args, implicit_html_escape_interpolated_argument(value))
221
+ end
222
+
219
223
  def insert(index, value)
220
224
  super(index, html_escape_interpolated_argument(value))
221
225
  end
data/lib/active_support/gem_version.rb CHANGED
@@ -10,7 +10,7 @@ module ActiveSupport
10
10
  MAJOR = 6
11
11
  MINOR = 1
12
12
  TINY = 7
13
- PRE = "2"
13
+ PRE = "3"
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activesupport
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.1.7.2
4
+ version: 6.1.7.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-25 00:00:00.000000000 Z
11
+ date: 2023-03-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: i18n
@@ -357,10 +357,10 @@ licenses:
357
357
  - MIT
358
358
  metadata:
359
359
  bug_tracker_uri: https://github.com/rails/rails/issues
360
- changelog_uri: https://github.com/rails/rails/blob/v6.1.7.2/activesupport/CHANGELOG.md
361
- documentation_uri: https://api.rubyonrails.org/v6.1.7.2/
360
+ changelog_uri: https://github.com/rails/rails/blob/v6.1.7.3/activesupport/CHANGELOG.md
361
+ documentation_uri: https://api.rubyonrails.org/v6.1.7.3/
362
362
  mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
363
- source_code_uri: https://github.com/rails/rails/tree/v6.1.7.2/activesupport
363
+ source_code_uri: https://github.com/rails/rails/tree/v6.1.7.3/activesupport
364
364
  rubygems_mfa_required: 'true'
365
365
  post_install_message:
366
366
  rdoc_options: