kolan
/
obsolete.ChilliProject
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5,072 Commits 5 Branches 46 Tags 17 MiB
Commit Graph

5072 Commits

Author SHA1 Message Date
Holger Just bfdc43ba73 Bump version to v2.8.1 2013-01-16 23:29:13 +01:00
Holger Just 2b909243ee Update Changelog for v2.8.1 2013-01-16 23:28:51 +01:00
Holger Just b7a82ac691 Fix for CVE-2013-0155 in Rails 2013-01-16 23:27:30 +01:00
Holger Just 964d19cc57 Bump version to 2.8.0 2013-01-09 14:11:46 +01:00
Holger Just dd945c78c3 Update Changelog for v2.8.0 2013-01-09 14:11:18 +01:00
Holger Just 41e349888b Remove Rails patches which are already included in Rails 2.3.15 #1200 2013-01-09 14:11:18 +01:00
Holger Just dca36c222a Bump Rails version to 2.3.15 #1200 2013-01-09 14:11:18 +01:00
Holger Just 524ef942d9 Bump version to v2.7.4 2013-01-06 23:56:43 +01:00
Holger Just e06dd303db Update Changelog for v2.7.4 2013-01-06 23:56:23 +01:00
Holger Just e2bc4e905a Update Copyright for 2013 
We programmers have a nice new years tradition: We revisit all of
our projects and add 1 to a small number near a "(c)".

-- Volker Dusch
https://twitter.com/__edorian/status/153801913442373633
 2013-01-06 23:52:16 +01:00
Holger Just 6ece1687de Fix XSS vulnerabilities in Rails (CVE-2012-3464, CVE-2012-3465) #1113 #1114 2013-01-06 23:50:49 +01:00
Holger Just 6d87b8b297 SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) #1195 2013-01-06 23:50:32 +01:00
Holger Just bd509a4008 Bump version to 2.7.3 2012-06-13 10:29:12 +02:00
Holger Just b0ec4c140d Update changelog for v2.7.3 2012-06-13 10:28:55 +02:00
Holger Just e178f1ce9c Fix SQL injection via nested hashes in conditions. CVE-2012-2695 #1037 2012-06-13 10:27:30 +02:00
Holger Just c3d3bec47f Fix SQL injection via nested hashes in conditions (CVE-2012-2694) #1036 2012-06-13 10:27:21 +02:00
Holger Just 8d56d32774 Bump to 2.7.2 2012-06-09 18:17:46 +02:00
Holger Just 4456440535 Update changelog for v2.7.2 2012-06-09 18:17:14 +02:00
Holger Just f959b9bdb9 [#1025] Fix Rails vulnerability (CVE-2012-2660) 2012-06-09 18:03:41 +02:00
Holger Just 9d32e68ec0 Bump version to 2.7.1 2012-04-04 14:09:08 +02:00
Jean-Philippe Lang 80289c5a70 Set user_id as a protected attribute (#922). 2012-04-04 14:06:01 +02:00
Jean-Philippe Lang 902c624b47 Prevent mass-assignment vulnerability when adding/updating a wiki (#922). 2012-04-04 14:06:00 +02:00
Jean-Philippe Lang aee7d7315b Prevent mass-assignment vulnerability when adding/updating a version (#922). 2012-04-04 14:05:41 +02:00
Jean-Philippe Lang 1f10817444 Prevent mass-assignment vulnerability when adding/updating a time entry (#922). 2012-04-04 13:39:37 +02:00
Jean-Philippe Lang ea3ff66b8e Use safe_attributes= just like in #create. (#922) 2012-04-04 13:39:37 +02:00
Jean-Philippe Lang ee99b2de03 Prevent mass-assignment vulnerability when adding/updating a news (#922). 2012-04-04 13:39:37 +02:00
Jean-Philippe Lang 4c322d379e Prevent mass-assignment vulnerability when adding/updating a forum message (#922). 2012-04-04 13:39:36 +02:00
Jean-Philippe Lang f12b9fca08 Prevent mass-assignment vulnerability when adding a project member (#922). 2012-04-04 13:39:36 +02:00
Jean-Philippe Lang 296b3173ef Prevent mass-assignment vulnerability when adding/updating an issue category (#922). 2012-04-04 13:39:20 +02:00
Jean-Philippe Lang c651ba1a98 Prevent mass-assignment vulnerability when adding/updating a document (#922). 
Conflicts:

	app/controllers/documents_controller.rb
 2012-04-04 13:30:21 +02:00
Holger Just ad996d7839 Merge branch 'release-v2.7.0' into stable 2012-02-06 23:40:10 +01:00
Holger Just 608fd61138 Bump version to 2.7.0 2012-02-06 23:36:58 +01:00
Holger Just a059cb4892 Update changelog for 2.7.0 release 2012-02-06 23:36:29 +01:00
Holger Just aa5be5132d [#593] Generate wiki content notifications in the JournalObserver - backported for 2.7 
This will prevent the usage of the wrong wiki_content status.

The code is not overly pretty and deserves a thorough refactoring, but at
least it solves the problem at hand.
 2012-02-06 22:54:53 +01:00
Holger Just 6fd9bc490f [#849 #789] Remove config.ru - Backport for 2.7 
Rails 2.3 doesn't work well as a rack-only app
 2012-02-06 22:50:38 +01:00
Holger Just f417996ff0 [#839] Remove ruby-debug dependency - Backport for 2.7 
It completely breaks on Ruby 1.9.3-p0. This is a stopper for people installing all groups. For the rest it is rarely used at all. Developers and testers requiring it can include it into their Gemfile.local
 2012-02-06 22:50:10 +01:00
Holger Just 43afcde38d [#875] Fix typo 2012-02-01 17:26:07 +01:00
Holger Just 58435c82e4 [#775] Remove noisy journals on Attachments and Messages 2012-01-31 16:03:01 +01:00
Holger Just 01fefe8d3b [#775] Don't create a new journal on parent message on reply 2012-01-31 16:02:56 +01:00
Holger Just fb595ec7f9 [#775] Don't create a new journal on Attachment#increment_download 2012-01-31 16:02:49 +01:00
Holger Just 11b441f745 Load Gemfiles from vendor/chiliproject_plugins 2012-01-11 12:02:25 +01:00
Holger Just cd0ea44ff8 [#822] Provide a default log_encoding even if the db column is not present yet 2012-01-10 18:32:38 +01:00
Holger Just 4c0b195380 [#819] set RAILS_ENV if only RACK_ENV is provided 2012-01-06 00:56:57 +01:00
Holger Just ec9352dffe Merge branch 'release-v2.6.0' into stable 2012-01-03 20:48:31 +01:00
Holger Just 939fd0b9fa Bump version to 2.6.0 2012-01-03 20:46:58 +01:00
Holger Just 4d4b5b6642 Update changelog for 2.6.0 release 2012-01-03 20:45:16 +01:00
Holger Just 7ef1c41aa0 Force source encoding to UTF-8 2012-01-03 20:43:42 +01:00
Holger Just 4577e54f04 Fix trailing whitespace 2012-01-03 20:43:08 +01:00
Holger Just e95b4992e4 Update copyright for 2012 
We programmers have a nice new years tradition: We revisit all of our
projects and add 1 to a small number near a "(c)".

-- Volker Dusch
https://twitter.com/__edorian/status/153801913442373633
 2012-01-03 20:36:40 +01:00
Holger Just f90d0fd775 Update locales 2012-01-03 20:29:25 +01:00