updating the changelog

2026-01-09 14:48:08 -05:00 · 2013-12-02 16:17:19 -08:00
parent d5a4095ca5
commit 64226302d8
10 changed files with 17 additions and 9 deletions
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,3 +1,11 @@
+*   Deep Munge the parameters for GET and POST Fixes CVE-2013-6417
+
+*   Stop using i18n's built in HTML error handling.  Fixes: CVE-2013-4491
+
+*   Escape the unit value provided to number_to_currency Fixes CVE-2013-6415
+
+*   Only use valid mime type symbols as cache keys CVE-2013-6414
+
 ## Rails 3.2.15 (Oct 16, 2013) ##

 *   Fix `ActionDispatch::RemoteIp::GetIp#calculate_ip` to only check for spoofing
--- a/actionpack/lib/action_pack/version.rb
+++ b/actionpack/lib/action_pack/version.rb
@@ -2,7 +2,7 @@ module ActionPack
  module VERSION #:nodoc:
    MAJOR = 3
    MINOR = 2
-    TINY  = 15
+    TINY  = 16
    PRE   = nil

    STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')