Active Support
- No changes.
Active Model
- No changes.
Active Record
-
Fix possible DoS vector in PostgreSQL money type
Carefully crafted input can cause a DoS via the regular expressions used
for validating the money format in the PostgreSQL adapter. This patch
fixes the regexp.Thanks to @dee-see from Hackerone for this patch!
Aaron Patterson
Action View
- No changes.
Action Pack
-
Prevent open redirect when allowed host starts with a dot
Thanks to @TkTech (https://hackerone.com/tktech) for reporting this
issue and the patch!Aaron Patterson
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
- No changes.