OHR Support:e2bc4e905af14a953f07852947815e45b0b7161c commitshttps://ohwr.org/project/ohr-support/commits/e2bc4e905af14a953f07852947815e45b0b7161c2013-01-06T22:52:16Zhttps://ohwr.org/project/ohr-support/commit/e2bc4e905af14a953f07852947815e45b0b7161cUpdate Copyright for 20132013-01-06T22:52:16ZHolger Justhjust@meine-er.de
We programmers have a nice new years tradition: We revisit all of
our projects and add 1 to a small number near a "(c)".
-- Volker Dusch
<a href="https://twitter.com/__edorian/status/153801913442373633" rel="nofollow noreferrer noopener" target="_blank">https://twitter.com/__edorian/status/153801913442373633</a>https://ohwr.org/project/ohr-support/commit/6ece1687de00d314ab6fbdc4dad1065642a2c712Fix XSS vulnerabilities in Rails (CVE-2012-3464, CVE-2012-3465) #1113 #11142013-01-06T22:50:49ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/6d87b8b297e21f9901852eaf36b8f479b309c1acSQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) #11952013-01-06T22:50:32ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/bd509a40084d7092c514d8a053fcb6bd8683722cBump version to 2.7.32012-06-13T08:29:12ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/b0ec4c140d3de40f38987a68533de6f055f46856Update changelog for v2.7.32012-06-13T08:28:55ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/e178f1ce9c9999ebd7f8f16dbfc996badd961c83Fix SQL injection via nested hashes in conditions. CVE-2012-2695 #10372012-06-13T08:27:30ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/c3d3bec47f42fb375c5a99e23afae6a52bab5938Fix SQL injection via nested hashes in conditions (CVE-2012-2694) #10362012-06-13T08:27:21ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/8d56d32774bdcc7e2b75d32ad3a25533f36c21b3Bump to 2.7.22012-06-09T16:17:46ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/44564405351c1a55e60b7102ad8eddec6e629c7eUpdate changelog for v2.7.22012-06-09T16:17:14ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/f959b9bdb98fa5cfd1311c366bf1dafab6c2dc2c[#1025] Fix Rails vulnerability (CVE-2012-2660)2012-06-09T16:03:41ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/9d32e68ec05f965b7929dc410ee53f4f0bfd1ed2Bump version to 2.7.12012-04-04T12:09:08ZHolger Justh.just@finn.dehttps://ohwr.org/project/ohr-support/commit/80289c5a70ab3b08e4f2806689e6271b35036d67Set user_id as a protected attribute (#922).2012-04-04T12:06:01ZJean-Philippe Langjp_lang@yahoo.frhttps://ohwr.org/project/ohr-support/commit/902c624b4763a8cce69b3f3869e210dd86f48d6cPrevent mass-assignment vulnerability when adding/updating a wiki (#922).2012-04-04T12:06:00ZJean-Philippe Langjp_lang@yahoo.frhttps://ohwr.org/project/ohr-support/commit/aee7d7315b7b35d1152b33381e6f1dc8d273ea7bPrevent mass-assignment vulnerability when adding/updating a version (#922).2012-04-04T12:05:41ZJean-Philippe Langjp_lang@yahoo.frhttps://ohwr.org/project/ohr-support/commit/1f108174445bb0363c1bede9a12f6290168246faPrevent mass-assignment vulnerability when adding/updating a time entry (#922).2012-04-04T11:39:37ZJean-Philippe Langjp_lang@yahoo.frhttps://ohwr.org/project/ohr-support/commit/ea3ff66b8e755880ec6bafc94526a4903c679c9dUse safe_attributes= just like in #create. (#922)2012-04-04T11:39:37ZJean-Philippe Langjp_lang@yahoo.frhttps://ohwr.org/project/ohr-support/commit/ee99b2de03960f547688605702edbdb1e262f0a4Prevent mass-assignment vulnerability when adding/updating a news (#922).2012-04-04T11:39:37ZJean-Philippe Langjp_lang@yahoo.frhttps://ohwr.org/project/ohr-support/commit/4c322d379e3792895daf661fd1714595aadec034Prevent mass-assignment vulnerability when adding/updating a forum message (#...2012-04-04T11:39:36ZJean-Philippe Langjp_lang@yahoo.frhttps://ohwr.org/project/ohr-support/commit/f12b9fca08ab015037182bae94106ca70105771dPrevent mass-assignment vulnerability when adding a project member (#922).2012-04-04T11:39:36ZJean-Philippe Langjp_lang@yahoo.frhttps://ohwr.org/project/ohr-support/commit/296b3173ef01227232b9ea9d67404bf8e5e571f8Prevent mass-assignment vulnerability when adding/updating an issue category ...2012-04-04T11:39:20ZJean-Philippe Langjp_lang@yahoo.frhttps://ohwr.org/project/ohr-support/commit/c651ba1a98ad09c4d60dc8f3065c181dfa8a4bd4Prevent mass-assignment vulnerability when adding/updating a document (#922).2012-04-04T11:30:21ZJean-Philippe Langjp_lang@yahoo.fr
Conflicts:
app/controllers/documents_controller.rbhttps://ohwr.org/project/ohr-support/commit/ad996d7839ef29c608df67e2b3c56f6b8f6feb70Merge branch 'release-v2.7.0' into stable2012-02-06T22:40:10ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/608fd61138257663bbfd3723db5cc0c80842b13fBump version to 2.7.02012-02-06T22:36:58ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/a059cb489286ef16dda416b5d68bf1e0c152ef26Update changelog for 2.7.0 release2012-02-06T22:36:29ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/aa5be5132dd57cb6f58b021c6c9f9e4f2baed1e1[#593] Generate wiki content notifications in the JournalObserver - backporte...2012-02-06T21:54:53ZHolger Justh.just@finn.de
This will prevent the usage of the wrong wiki_content status.
The code is not overly pretty and deserves a thorough refactoring, but at
least it solves the problem at hand.https://ohwr.org/project/ohr-support/commit/6fd9bc490f063a36f9aa673059195a9779dffd5f[#849 #789] Remove config.ru - Backport for 2.72012-02-06T21:50:38ZHolger Justhjust@meine-er.de
Rails 2.3 doesn't work well as a rack-only apphttps://ohwr.org/project/ohr-support/commit/f417996ff0542efe7f35e4aa8a8a3cade6eed1cf[#839] Remove ruby-debug dependency - Backport for 2.72012-02-06T21:50:10ZHolger Justhjust@meine-er.de
It completely breaks on Ruby 1.9.3-p0. This is a stopper for people installing all groups. For the rest it is rarely used at all. Developers and testers requiring it can include it into their Gemfile.localhttps://ohwr.org/project/ohr-support/commit/43afcde38dc0ba601d1d2c912a7abc576aed2f9b[#875] Fix typo2012-02-01T16:26:07ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/58435c82e4aca27889b2bcfe3dbf91f6800a8a66[#775] Remove noisy journals on Attachments and Messages2012-01-31T15:03:01ZHolger Justh.just@finn.dehttps://ohwr.org/project/ohr-support/commit/01fefe8d3b275267dca52ef414252e5d036682ae[#775] Don't create a new journal on parent message on reply2012-01-31T15:02:56ZHolger Justh.just@finn.dehttps://ohwr.org/project/ohr-support/commit/fb595ec7f9220e93ef903f223d87128babaf7bca[#775] Don't create a new journal on Attachment#increment_download2012-01-31T15:02:49ZHolger Justh.just@finn.dehttps://ohwr.org/project/ohr-support/commit/11b441f7453a11de8acdd5b734324ae2fd892e05Load Gemfiles from vendor/chiliproject_plugins2012-01-11T11:02:25ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/cd0ea44ff8dcc1a931c9ed54860d786f97304605[#822] Provide a default log_encoding even if the db column is not present yet2012-01-10T17:32:38ZHolger Justhjust@meine-er.dehttps://ohwr.org/project/ohr-support/commit/4c0b1953807e3ce8a652b2328bdd9ceb3dcfd546[#819] set RAILS_ENV if only RACK_ENV is provided2012-01-05T23:56:57ZHolger Justh.just@finn.dehttps://ohwr.org/project/ohr-support/commit/ec9352dffe0ba52d9f87fd6e3e5cdb9d509acc57Merge branch 'release-v2.6.0' into stable2012-01-03T19:48:31ZHolger Justh.just@finn.dehttps://ohwr.org/project/ohr-support/commit/939fd0b9fa97060afe6b8bf8887b783bf5f9968fBump version to 2.6.02012-01-03T19:46:58ZHolger Justh.just@finn.dehttps://ohwr.org/project/ohr-support/commit/4d4b5b6642a720ac1ce7903d730f83617fbf962aUpdate changelog for 2.6.0 release2012-01-03T19:45:16ZHolger Justh.just@finn.dehttps://ohwr.org/project/ohr-support/commit/7ef1c41aa0ff17c67106b70c3f627630b7810ddeForce source encoding to UTF-82012-01-03T19:43:42ZHolger Justh.just@finn.dehttps://ohwr.org/project/ohr-support/commit/4577e54f046c95be4c987c15b8f24c786f63bfffFix trailing whitespace2012-01-03T19:43:08ZHolger Justh.just@finn.dehttps://ohwr.org/project/ohr-support/commit/e95b4992e4144658a44c86dcbecd474f2d39fb47Update copyright for 20122012-01-03T19:36:40ZHolger Justh.just@finn.de
We programmers have a nice new years tradition: We revisit all of our
projects and add 1 to a small number near a "(c)".
-- Volker Dusch
<a href="https://twitter.com/__edorian/status/153801913442373633" rel="nofollow noreferrer noopener" target="_blank">https://twitter.com/__edorian/status/153801913442373633</a>