fat_free_crm 0.14.1 → 0.14.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG +11 -0
  3. data/app/helpers/tags_helper.rb +1 -1
  4. data/lib/fat_free_crm/version.rb +1 -1
  5. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: a1c0c4ac354d4c2c34a0d84b51715fc28b0ac02c
4
- data.tar.gz: 7bccf3592685da1a91f9485a1067742714e26610
2
+ SHA256:
3
+ metadata.gz: 91bf600f70e89b2af57ebf332ef9e90550f5ee9fcfb4ce624eb4150bb64af7e8
4
+ data.tar.gz: ea34e819ea4f7c7104c9724167a11790734528f96f274f6d14a39cd39fb284f8
5
5
  SHA512:
6
- metadata.gz: 8a200942ebeca8d1c4a2a45e05b462efdaf8f853d763275e238a60b89bd9c75986f72eb78d85f446d13f924cf75299af6386ebbb210b219ddcc98ab6a2108dd1
7
- data.tar.gz: 2116a9355c23c583385275c3b86a68d8766dfa81d0d8b2f557c39ebbf6267dce2cfa085bf0f27342117b109b3c53c23d53f5e9242ce64681a9752c9c0bd928d3
6
+ metadata.gz: 285ecf6eae7e9c898c17e6603309cf50275ff0776bef190bb1facb67ce4e45b72deacfb9c479287b578ea669eeb107fbd48e866d35dd39f3beb948839ccb4840
7
+ data.tar.gz: 6d1fa7b4ec122f161d4c73c05b22765cb5b5e874f6089c0990729b7f9e4ccf1f38036e6f73a7ca89488b76a24bb580a468b8a5a6d91fb2aa00555394a58849e1
data/CHANGELOG CHANGED
@@ -4,6 +4,17 @@ It does not matter how slowly you go as long as you do not stop.
4
4
  First they ignore you, then they laugh at you, then they fight you,
5
5
  then you win. –- Mahatma Gandhi
6
6
 
7
+ Sat Oct 27, 2018 (0.14.2)
8
+ ---------------------------------------------------------------------
9
+
10
+ #### Fixed XSS flaw in tags_helper
11
+ Credit Antonin Steinhauser (steinhause) for discovery and responsible disclosure.
12
+
13
+ Wed Jan 24, 2018 (0.14.1)
14
+ ---------------------------------------------------------------------
15
+
16
+ - Fix for CVE-2017-0889 (Paperclip)
17
+
7
18
  Mon, Dec 5, 2016 (0.14.0)
8
19
  ---------------------------------------------------------------------
9
20
  Forked to publish 'reduced_fat_crm', a version of fat-free-crm with
data/app/helpers/tags_helper.rb CHANGED
@@ -15,7 +15,7 @@ module TagsHelper
15
15
  elsif !query.include?(hashtag)
16
16
  query += " #{hashtag}"
17
17
  end
18
- out << link_to_function(tag, "crm.search_tagged('#{query}', '#{model.class.to_s.tableize}')", title: tag)
18
+ out << link_to_function(tag, "crm.search_tagged('#{escape_javascript(query)}', '#{model.class.to_s.tableize}')", title: tag)
19
19
  end
20
20
  end
21
21
 
data/lib/fat_free_crm/version.rb CHANGED
@@ -7,7 +7,7 @@ module FatFreeCRM
7
7
  module VERSION #:nodoc:
8
8
  MAJOR = 0
9
9
  MINOR = 14
10
- TINY = 1
10
+ TINY = 2
11
11
  PRE = nil
12
12
 
13
13
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fat_free_crm
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.14.1
4
+ version: 0.14.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Michael Dvorkin
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2018-01-24 00:00:00.000000000 Z
14
+ date: 2018-10-27 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: rails
@@ -1559,7 +1559,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
1559
1559
  version: '0'
1560
1560
  requirements: []
1561
1561
  rubyforge_project:
1562
- rubygems_version: 2.6.14
1562
+ rubygems_version: 2.7.7
1563
1563
  signing_key:
1564
1564
  specification_version: 4
1565
1565
  summary: Fat Free CRM