a3639bfd2f
Only databases/ruby-activerecord61 has updated. Rails 6.0.6.1 (2023-01-17) * Make `sanitize_as_sql_comment` more strict Though this method was likely never meant to take user input, it was attempting sanitization. That sanitization could be bypassed with carefully crafted input. This commit makes the sanitization more robust by replacing any occurrances of "/*" or "*/" with "/ *" or "* /". It also performs a first pass to remove one surrounding comment to avoid compatibility issues for users relying on the existing removal. This also clarifies in the documentation of annotate that it should not be provided user input. [CVE-2023-22794] |
||
---|---|---|
.. | ||
ALTERNATIVES | ||
DESCR | ||
distinfo | ||
Makefile | ||
PLIST |