ruby-actionpack-3.2 (3.2.6-5) unstable; urgency=high

  * debian/patches/CVE-2013-0155.patch: fix Unsafe Query Generation Risk
    [CVE-2013-0155] (Closes: #697802)

 -- Antonio Terceiro <terceiro@debian.org>  Wed, 09 Jan 2013 18:25:45 -0300

ruby-actionpack-3.2 (3.2.6-4) unstable; urgency=high

  * Add patches for security problems (Closes: #684454):
    + CVE-2012-3463 - Ruby on Rails Potential XSS Vulnerability in select_tag
      prompt
    + CVE-2012-3465 - XSS Vulnerability in strip_tags
    + Both patches were edited from their original versions in two ways:
      - the leading a/ and b/ from the filenames were stripped
      - changes over test files were removed, since the Debian package
        contains no test files.

 -- Antonio Terceiro <terceiro@debian.org>  Fri, 10 Aug 2012 13:08:08 -0300

ruby-actionpack-3.2 (3.2.6-3) unstable; urgency=high

  * Add patch by Aaron Patterson for CVE-2012-3424 (Closes: #683370)

 -- Antonio Terceiro <terceiro@debian.org>  Sat, 04 Aug 2012 09:28:12 -0300

ruby-actionpack-3.2 (3.2.6-2) unstable; urgency=low

  * Bump build dependency to gem2deb >= 0.3.0~

 -- Antonio Terceiro <terceiro@debian.org>  Sun, 24 Jun 2012 19:06:43 -0300

ruby-actionpack-3.2 (3.2.6-1) unstable; urgency=low

  * New upstream release.
  * debian/control:
    + review short description
    + add myself to Uploaders:

 -- Antonio Terceiro <terceiro@debian.org>  Sat, 16 Jun 2012 21:15:28 -0300

ruby-actionpack-3.2 (3.2.3-2) unstable; urgency=low

  * Add Conflict with ruby-actionpack-2.3 (Closes: #673737)
  * B-D ruby-activerecord-3.2 and ruby-activesupport-3.2 are already
    in unstable (Closes: #671986)

 -- Ondřej Surý <ondrej@debian.org>  Wed, 23 May 2012 13:03:07 +0200

ruby-actionpack-3.2 (3.2.3-1) unstable; urgency=low

  * Initial release

 -- Ondřej Surý <ondrej@debian.org>  Wed, 25 Apr 2012 09:14:01 +0000
