oss-sec mailing list archives
Amended Patches for CVE-2014-3483 for Rails 4.x
From: Rafael Mendonça França <rafaelmfranca () gmail com>
Date: Wed, 2 Jul 2014 16:54:51 -0300
The original patches introduced a regression on the PostgreSQL Range feature. This regression was only introduced to Rails 4.x. Rails 3.2 users are not impacted. I'm including a new version of the patches and an incremental version that can be applied atop the previous patches. * 4-1-postgres-sqli-amended.patch - Amended Patch for 4.1.2. * 4-0-postgres-sqli-amended.patch - Amended Patch for 4.0.6. * 4-1-postgres-sqli-incremental.patch - Incremental Patch for 4.1.3. * 4-0-postgres-sqli-incremental.patch - Incremental Patch for 4.0.7. Rafael Mendonça França http://twitter.com/rafaelfranca https://github.com/rafaelfranca
Attachment:
4-0-postgres-sqli-amended.patch
Description:
Attachment:
4-1-postgres-sqli-amended.patch
Description:
Attachment:
4-0-postgres-sqli-incremental.patch
Description:
Attachment:
4-1-postgres-sqli-incremental.patch
Description:
Current thread:
- Amended Patches for CVE-2014-3483 for Rails 4.x Rafael Mendonça França (Jul 02)