Ruby on Rails v6.0.3.1

Version Release Notes from June 16, 2020 (almost 4 years ago)

« Changelog History

Ruby on Rails v6.0.3.1 Release Notes

Release Date: 2020-06-16 // almost 4 years ago

👍 Active Support
🗄 [CVE-2020-8165] Deprecate Marshal.load on raw cache read in RedisCacheStore
[CVE-2020-8165] Avoid Marshal.load on raw cache value in MemCacheStore

Active Model
- No changes.
Active Record
- No changes.
Action View
- [CVE-2020-8167] Check that request is same-origin prior to including CSRF token in XHRs
Action Pack
[CVE-2020-8166] HMAC raw CSRF token before masking it, so it cannot be used to reconstruct a per-form token
[CVE-2020-8164] Return self when calling #each, #each_pair, and #each_value instead of the raw @parameters hash

👷 Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- [CVE-2020-8162] Include Content-Length in signature for ActiveStorage direct upload
Railties
- No changes.

Awesome Ruby is part of the LibHunt network. Terms. Privacy Policy.