Skip to content

updating rails to 3.2.10 in response to CVE-2012-5664

Matthias Käppler requested to merge github/fork/dvanduzer/4-0-stable into 4-0-stable

Created by: dvanduzer

See also: https://github.com/gitlabhq/gitlabhq/issues/2464 http://www.securityfocus.com/bid/57084

Additional notes!

  • The Vagrant VM rvm's the latest Ruby instead of recommended (and working) ruby-1.9.3-p327

  • DB setup/teardown isn't automatic. i.e. this is required:

    $ bundle exec rake gitlab:app:setup RAILS_ENV=test

Anyway, this commit doesn't change anything beyond upgrading rails. All tests currently passing.

Merge request reports

Loading