Comment 12 for bug 151078

rails (1.2.4-1ubuntu1) gutsy; urgency=low

  * debian/control:
    + Remove libmocha-ruby1.8 from Depends for rails.
      It's not included in gutsy and only used for unit tests.
    + Modify Maintainer value to match DebianMaintainerField spec.
  * UVF exception: LP: #151078

rails (1.2.4-1) unstable; urgency=low

  * New upstream release. Fixes at least 2 XSS bugs.
    + Secure #sanitize, #strip_tags, and #strip_links helpers against
    xss attacks. Upstream changeset 7589
    + to_json did not escape values which allows for XSS. Applied
    upstream changesets 6893, 6894. This bug as also been assigned
    designation CVE-2007-3227 (closes: #429177)
  * Add dependency on Sqlite3 as ActiveRecord supports this DB as
    well
  * Add dependency on libmocha which is needed by some unit tests

 -- Michael Bienia <email address hidden> Tue, 09 Oct 2007 23:01:26 +0200