From 90b0cc51a09067043f908f21c1eb4c8688a5e781 Mon Sep 17 00:00:00 2001 From: Fabian Rodriguez Date: Wed, 4 Dec 2013 20:56:04 -0200 Subject: [PATCH 1/3] bump recommended Ruby version 1.9.3-p484 --- Changelog.md | 4 ++++ script/env/ruby_env | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index e7e255820..c9eb54cad 100644 --- a/Changelog.md +++ b/Changelog.md @@ -1,3 +1,7 @@ +# 0.2.0.1 + +* Bump recommended Ruby version to 1.9.3-p484, see https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/ + # 0.2.0.0 **Attention:** This release includes a potentially long running migration! However it should be safe to run this while keeping your application servers on. diff --git a/script/env/ruby_env b/script/env/ruby_env index 045455bc9..2bc6e9a05 100644 --- a/script/env/ruby_env +++ b/script/env/ruby_env @@ -1,3 +1,3 @@ rubygems_version="2.0.3" -ruby_version="1.9.3-p448" +ruby_version="1.9.3-p484" gemset="diaspora" From 740c0bc0829d951d7acb88ef5dc8ad790477bc4d Mon Sep 17 00:00:00 2001 From: Fabian Rodriguez Date: Wed, 4 Dec 2013 21:36:54 -0200 Subject: [PATCH 2/3] bump Rails to version 3.2.16 --- Changelog.md | 1 + Gemfile | 2 +- Gemfile.lock | 66 ++++++++++++++++++++++++++-------------------------- 3 files changed, 35 insertions(+), 34 deletions(-) diff --git a/Changelog.md b/Changelog.md index c9eb54cad..f4d5f794d 100644 --- a/Changelog.md +++ b/Changelog.md @@ -1,5 +1,6 @@ # 0.2.0.1 +* Bump rails to version 3.2.16, fixes several security issues, see http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/ * Bump recommended Ruby version to 1.9.3-p484, see https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/ # 0.2.0.0 diff --git a/Gemfile b/Gemfile index eb898ab26..3d7b0375f 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ source 'https://rubygems.org' -gem 'rails', '3.2.13' +gem 'rails', '3.2.16' # Appserver diff --git a/Gemfile.lock b/Gemfile.lock index 10e4fcec1..25af4e38a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,12 +1,12 @@ GEM remote: https://rubygems.org/ specs: - actionmailer (3.2.13) - actionpack (= 3.2.13) - mail (~> 2.5.3) - actionpack (3.2.13) - activemodel (= 3.2.13) - activesupport (= 3.2.13) + actionmailer (3.2.16) + actionpack (= 3.2.16) + mail (~> 2.5.4) + actionpack (3.2.16) + activemodel (= 3.2.16) + activesupport (= 3.2.16) builder (~> 3.0.0) erubis (~> 2.7.0) journey (~> 1.0.4) @@ -14,21 +14,21 @@ GEM rack-cache (~> 1.2) rack-test (~> 0.6.1) sprockets (~> 2.2.1) - activemodel (3.2.13) - activesupport (= 3.2.13) + activemodel (3.2.16) + activesupport (= 3.2.16) builder (~> 3.0.0) - activerecord (3.2.13) - activemodel (= 3.2.13) - activesupport (= 3.2.13) + activerecord (3.2.16) + activemodel (= 3.2.16) + activesupport (= 3.2.16) arel (~> 3.0.2) tzinfo (~> 0.3.29) activerecord-import (0.3.1) activerecord (~> 3.0) - activeresource (3.2.13) - activemodel (= 3.2.13) - activesupport (= 3.2.13) - activesupport (3.2.13) - i18n (= 0.6.1) + activeresource (3.2.16) + activemodel (= 3.2.16) + activesupport (= 3.2.16) + activesupport (3.2.16) + i18n (~> 0.6, >= 0.6.4) multi_json (~> 1.0) acts-as-taggable-on (2.4.1) rails (>= 3, < 5) @@ -37,7 +37,7 @@ GEM activesupport (>= 3.0.0) rack (>= 1.1.0) addressable (2.3.5) - arel (3.0.2) + arel (3.0.3) asset_sync (1.0.0) activemodel fog (>= 1.8.0) @@ -172,7 +172,7 @@ GEM hike (1.2.3) http_accept_language (1.0.2) httpauth (0.2.0) - i18n (0.6.1) + i18n (0.6.9) i18n-inflector (2.6.7) i18n (>= 0.4.1) i18n-inflector-rails (1.0.6) @@ -211,14 +211,14 @@ GEM redcarpet (>= 2.0) messagebus_ruby_api (1.0.3) method_source (0.8.2) - mime-types (1.23) + mime-types (1.25.1) mini_magick (3.6.0) subexec (~> 0.2.1) mini_portile (0.5.1) mobile-fu (1.2.1) rack-mobile-detect rails - multi_json (1.7.8) + multi_json (1.7.9) multi_test (0.0.2) multipart-post (1.2.0) mysql2 (0.3.13) @@ -281,14 +281,14 @@ GEM rack rack-test (0.6.2) rack (>= 1.0) - rails (3.2.13) - actionmailer (= 3.2.13) - actionpack (= 3.2.13) - activerecord (= 3.2.13) - activeresource (= 3.2.13) - activesupport (= 3.2.13) + rails (3.2.16) + actionmailer (= 3.2.16) + actionpack (= 3.2.16) + activerecord (= 3.2.16) + activeresource (= 3.2.16) + activesupport (= 3.2.16) bundler (~> 1.0) - railties (= 3.2.13) + railties (= 3.2.16) rails-i18n (0.7.4) i18n (~> 0.5) rails_admin (0.4.9) @@ -308,9 +308,9 @@ GEM sass-rails (~> 3.1) rails_autolink (1.1.0) rails (> 3.1) - railties (3.2.13) - actionpack (= 3.2.13) - activesupport (= 3.2.13) + railties (3.2.16) + actionpack (= 3.2.16) + activesupport (= 3.2.16) rack-ssl (~> 1.3.2) rake (>= 0.8.7) rdoc (~> 3.4) @@ -398,7 +398,7 @@ GEM tilt (1.4.1) timecop (0.6.1) timers (1.1.0) - treetop (1.4.14) + treetop (1.4.15) polyglot polyglot (>= 0.3.1) twitter (4.8.1) @@ -407,7 +407,7 @@ GEM simple_oauth (~> 0.2) typhoeus (0.6.3) ethon (~> 0.5.11) - tzinfo (0.3.37) + tzinfo (0.3.38) uglifier (2.1.2) execjs (>= 0.3.0) multi_json (~> 1.0, >= 1.0.2) @@ -481,7 +481,7 @@ DEPENDENCIES rack-protection (= 1.2) rack-rewrite (= 1.3.3) rack-ssl (= 1.3.3) - rails (= 3.2.13) + rails (= 3.2.16) rails-i18n (= 0.7.4) rails_admin (= 0.4.9) rails_autolink (= 1.1.0) From 299e02c60b023f321f40df69a0b332e81b8bd8d0 Mon Sep 17 00:00:00 2001 From: Fabian Rodriguez Date: Thu, 5 Dec 2013 08:50:49 -0200 Subject: [PATCH 3/3] bump to 0.2.0.1 --- config/defaults.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/defaults.yml b/config/defaults.yml index b9cb61880..b3b56d78c 100644 --- a/config/defaults.yml +++ b/config/defaults.yml @@ -4,7 +4,7 @@ defaults: version: - number: "0.2.0.0" # Do not touch unless doing a release, do not backport the version number that's in master but keep develp to always say "head" + number: "0.2.0.1" # Do not touch unless doing a release, do not backport the version number that's in master but keep develp to always say "head" heroku: false environment: url: "http://localhost:3000/"