rails (2.0.2-1ubuntu1) hardy; urgency=low * Post Feature Freeze upload (LP: #198160) * Change maintainer to MOTU * Add 20_fix_cp.dpatch to fix copy in doc package build and avoid FTBFS - Patch thanks to Michael Milligan -- Scott Kitterman Wed, 05 Mar 2008 21:05:42 -0500 rails (2.0.2-1) unstable; urgency=low * New upstream release + SQLite3 is now the default database, instead of MySQL + [config/environments/production.rb] production mode will now longer cache templates meaning they will load A LOT faster but for any changes to appear, one will have to reload the entire application. -- Adam Majer Sat, 22 Dec 2007 22:22:59 -0600 rails (2.0.1-2) unstable; urgency=low * Added Pre-Depends on dpkg (>= 1.10.24) as a workaround to Debian install scripts do not seem to be updated since beginning of century. Can't upload bzip2 deb compressed deb without adding this superfluous depend. * Move libmocha-ruby1.8 from Depends to Recommends as it is only needed for unit testing. * Give in and depend on libruby1.8-extras. We need this to satisfy dependencies on OpenSSL and the ever so popular rubygems, though rails will continue to work if rubygems 'gem' fails. -- Adam Majer Tue, 18 Dec 2007 00:33:47 -0600 rails (2.0.1-1) unstable; urgency=low * New upstream release (closes: #454909) + ActionWebservice is no more - rolled into ActionResource + SOAP support removed * Use bzip2 to compress the deb, instead of the default (gzip) * Update Standards version to 3.7.3 - no changes needed * Added a lot more exceptions to lintian checks - rails does not need all script executable. -- Adam Majer Tue, 11 Dec 2007 18:48:45 -0600 rails (1.2.6-1) unstable; urgency=high * New upstream release + Fixes a previous session-fixation attack vector that was not completely fixed (see 1.2.5-1 changelog) [CVE-2007-6077] (closes: #452748) * Use bash systax in bash script instead of ruby syntax. Fixes the -I/--internal parameter so one can pass switches directly to the upstream rails ruby script (closes: #381295, #390886) -- Adam Majer Tue, 27 Nov 2007 22:22:34 -0600 rails (1.2.5-1) unstable; urgency=low * This is a new upstream release that addresses problems not corrected in 1.2.4 or regressions. + to_json XSS [CVE-2007-3227] is really closed now + Potential Information Disclosure or DoS with Hash#from_xml [CVE-2007-5379] + Session Fixation attacks. [CVE-2007-5380] URL based sessions are now disabled by default. Session ids are only accepted from cookies by default now. -- Adam Majer Sun, 14 Oct 2007 21:12:34 -0500 rails (1.2.4-1) unstable; urgency=low * New upstream release. Fixes at least 2 XSS bugs. + Secure #sanitize, #strip_tags, and #strip_links helpers against xss attacks. Upstream changeset 7589 + to_json did not escape values which allows for XSS. Applied upstream changesets 6893, 6894. This bug as also been assigned designation CVE-2007-3227 (closes: #429177) * Add dependency on Sqlite3 as ActiveRecord supports this DB as well * Add dependency on libmocha which is needed by some unit tests -- Adam Majer Mon, 08 Oct 2007 11:27:25 -0500 rails (1.2.3-2) unstable; urgency=low * Add mojo for doc-base document registration thanks to the patch by Remi Vanicat. (closes: 386689) * Upload to Sid now that Etch is out -- Adam Majer Sun, 06 May 2007 17:31:29 -0500 rails (1.2.3-1) experimental; urgency=low * New upstream release -- Adam Majer Mon, 19 Mar 2007 13:36:52 -0500 rails (1.2.2-2) experimental; urgency=low * We cannot remove the link vendor/rails, but we can point it so it is not recursive. Recursive links seem to break eclipse and lack of vendor/rails breaks rails. The link target will create a non-recursive link, but a rails deployment that copies the rails directories will still contain recursive symlink. The problem is really in Eclipse though. It should handle recursive symlinks. -- Adam Majer Tue, 20 Feb 2007 13:22:24 -0600 rails (1.2.2-1) experimental; urgency=low * New upstream release (closes: #408688) * Remove link that crashes eclipse (closes: #405344) -- Adam Majer Tue, 20 Feb 2007 12:08:03 -0600 rails (1.1.6-3) unstable; urgency=low * Remove the 12_options patch which actually breaks select. (closes: #406658) -- Adam Majer Sun, 14 Jan 2007 12:41:58 -0600 rails (1.1.6-2) unstable; urgency=low * [12_options] Fixes inconsistent behavior of select helper functions. * Added libfcgi-ruby1.8 to Suggests * Conflict with libdevel-logger-ruby1.8 until after Etch is released (closes: #405555) -- Adam Majer Thu, 11 Jan 2007 00:01:34 -0600 rails (1.1.6-1) unstable; urgency=emergency * New upstream 'security hole fix' release + This one fixes the fix in 1.1.5 as that one was still vulnerable. (closes: #382255) -- Adam Majer Thu, 10 Aug 2006 13:43:01 -0500 rails (1.1.5-1) unstable; urgency=emergency * New upstream release + Fixes a remote security hole [Bugtraq 19454] -- Adam Majer Thu, 10 Aug 2006 10:50:13 -0500 rails (1.1.4-2) unstable; urgency=low * Change default listening socket to 127.0.0.1 from 0.0.0.0 -- Adam Majer Thu, 27 Jul 2006 21:56:53 -0500 rails (1.1.4-1) unstable; urgency=low * New upstream release * Moved build-depends-indep to build-depends to prevent build failures. -- Adam Majer Mon, 10 Jul 2006 14:06:08 -0500 rails (1.1.2-1) unstable; urgency=low * New upstream release * Added support to specify database name (using -D) and to specify options that will be passed to rails script directly (-I). Added these to manpage as well. (closes: #361990) * Depend and build-depend on rake >7.0 (closes: #362890) * Updated standards to version 3.7.2. No changes. -- Adam Majer Sun, 14 May 2006 01:08:49 -0500 rails (1.1.0release-1) unstable; urgency=low * New upstream release * Added a link to railties/config directory as an example of configuration files -- Adam Majer Tue, 4 Apr 2006 14:05:04 -0500 rails (1.1.0rc1-2) unstable; urgency=low * Fixed a problem that prevents rails from creating new projects thanks to Nobuhiro IMAI (closes: #359227) -- Adam Majer Mon, 27 Mar 2006 11:13:21 -0600 rails (1.1.0rc1-1) unstable; urgency=low * New upstream version. + Fixes FTBFS with new rdoc (closes: #357011) * Changed vendor/rails link to be relative, not absolute when first created. -- Adam Majer Sun, 26 Mar 2006 00:23:24 -0600 rails (1.0.0-2) unstable; urgency=low * Applied a patch to correctly set rdoc options. (closes: #357001) -- Adam Majer Sat, 25 Mar 2006 21:02:26 -0600 rails (1.0.0-1) unstable; urgency=low * New upstream release + Now handles multiple databases (closes: #341496) * Modified Suggests: to include mod_fcgid (closes: #339953) -- Adam Majer Thu, 15 Dec 2005 12:40:38 -0600 rails (0.14.3-1) unstable; urgency=low * New upstream release * Modified Suggests: to include mod-ruby for Apache2 users. (closes: #331233) * Build-Depend on rake > 0.6.0 (closes: #333700) * /usr/bin/rails now creates a rails->. symlink in vendor directory. This is needed to sidestep the gems requirements -- Adam Majer Thu, 13 Oct 2005 18:38:16 -0500 rails (0.13.1-2) unstable; urgency=low * Fixed logger problems such that it works with both 1.8.2 and 1.8.3 (closes: #330400). Upstream changes are: + Fixed clean logger to work with Ruby 1.8.3 Logger class (#2245) + Clean logger is compatible with both 1.8.2 and 1.8.3 Logger. (#2263) [Michael Schuerig ] -- Adam Majer Thu, 29 Sep 2005 16:24:22 -0500 rails (0.13.1-1) unstable; urgency=low * New upstream release -- Adam Majer Mon, 11 Jul 2005 10:22:39 -0500 rails (0.13.0-1) unstable; urgency=low * New upstream release + Fixes problem with action web service (closes: #317044) * Remove an unnecessary depend on libtest-unit-ruby (closes: #315254) * Updated standards to 3.6.2 -- Adam Majer Wed, 6 Jul 2005 18:59:12 -0500 rails (0.12.1-2) unstable; urgency=low * Enabled patch supporting PostgreSQL schemas * Added routing patch (upstream patch 1375). This patch changes routing such that the longest possible path is matched against the controller, not the first possible path. -- Adam Majer Mon, 30 May 2005 11:47:51 -0500 rails (0.12.1-1) unstable; urgency=low * New upstream release. Packaged SVN changeset 1234 as rails 0.12.1 due to lack of upstream tag (closes: #306389) * Added some upstream patches + Fixed acts_as_list where deleting an item that was removed from the list would ruin the positioning of other list items #1197 [Jamis Buck] + This patch adds new options `encoding' and `min_messages' to database.yml for PostgreSQL + Patch removing extraneous comma in count() (#1156) -- Adam Majer Wed, 27 Apr 2005 20:55:32 -0500 rails (0.12.0-1) unstable; urgency=low * New upstream release -- Adam Majer Tue, 19 Apr 2005 14:17:17 -0500 rails (0.11.1-3) unstable; urgency=low * Turned off ActiveRecord::Base.@@colorize_logging. Colorized logs are difficult to view on any other than background than black and difficult to parse. -- Adam Majer Mon, 18 Apr 2005 17:01:18 -0500 rails (0.11.1-2) unstable; urgency=low * Fixed the Inflector patch -- Adam Majer Wed, 30 Mar 2005 17:29:29 -0600 rails (0.11.1-1) unstable; urgency=low * New upstream release * Added some patches (submitted upstream to #950, #962) that should add support for PostgreSQL schemas to Fixtures as well as to enable static mapping between table names and classes using set_table_name (only set in Inflector if the name is not the one guessed). -- Adam Majer Sun, 27 Mar 2005 14:56:35 -0600 rails (0.11.0-2) unstable; urgency=low * Fix broken config/environment.rb to use "old" vendor directories. -- Adam Majer Fri, 25 Mar 2005 01:28:05 -0600 rails (0.11.0-1) unstable; urgency=low * New upstream release - Ajax, Pagination, Non-vhost, Incoming mail support * Included tmail in the vendor distribution. Rails extended tmail with some new code and Debian's distribution of tmail is not sufficient. -- Adam Majer Wed, 23 Mar 2005 13:29:19 -0600 rails (0.10.1-7) unstable; urgency=low * Hmmmm. Fixed the missing Depends problem.. (closes: #300637) -- Adam Majer Sun, 20 Mar 2005 16:27:56 -0600 rails (0.10.1-6) unstable; urgency=low * Simplify depends. libruby >= 1.8.2-3 reduces the number of packages in the archive. Thank you ruby mainteiners! -- Adam Majer Tue, 15 Mar 2005 15:53:07 -0600 rails (0.10.1-5) unstable; urgency=low * Added rdoc to build depends thanks to Roland Stigge (closes: #299381) -- Adam Majer Sun, 13 Mar 2005 16:31:29 -0600 rails (0.10.1-4) unstable; urgency=low * Added libredcloth-ruby1.8 to Depends. Now if someone would package bluecloth as well (hint, hint!) -- Adam Majer Sat, 12 Mar 2005 00:52:26 -0600 rails (0.10.1-3) unstable; urgency=low * Rewrote /usr/bin/rails to accomodate updates + /vendor and upstream documentation are now symlinks by default. -l command line option was removed. This allows for automated updates to latest rails. + Added -C command line option one wants a copy of /vendor or rails documentation instead of symlinks + Added -F commend line option to force overwrite of user files during an update * Rails documentation is now pregenerated and located in /usr/share/doc/rails/html. * Added rake as a build dependecy -- Adam Majer Fri, 11 Mar 2005 21:41:02 -0600 rails (0.10.1-2) unstable; urgency=low * Updated dependencies. All dependencies now checked. Some non-critical ones like memcache are missing in Debian, but rails should be unaffected. -- Adam Majer Mon, 7 Mar 2005 15:39:23 -0600 rails (0.10.1-1) unstable; urgency=low * New upstream release * Fix more missing dependencies * Removed bash>3 dependency in /usr/bin/rails script (closes: #298180) * Added a watch file to monitor later upstream version. Not good for updates though since upstream doesn't seem to have a true source tar.gz file. Source distribution only available from tagged svn. * Set default socket for MySQL to /var/run/mysqld/mysqld.sock thanks for a patch from Alberto Brealey-Guzman (closes: #298258) -- Adam Majer Sat, 7 Mar 2005 13:51:15 -0600 rails (0.10.0-1) unstable; urgency=low * New upstream release + Adds web service support (actionwebservice) + Adds URI routing to end the Apache mod_rewrite hell + Added Oracle support. Rails now supports PostgreSQL, MySQL, SQLite, MSSQL and Oracle database backends. + and many bug fixes * Fixed depend -- Adam Majer Sun, 27 Feb 2005 20:52:29 -0600 rails (0.9.5-1) unstable; urgency=low * Initial Release (closes: #293055) -- Adam Majer Fri, 4 Feb 2005 21:20:52 -0600