ruby-activerecord-3.2 (3.2.6-5+deb7u3) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2016-0753: Eliminate instance level writers for class accessors

 -- Guido Günther <agx@sigxcpu.org>  Fri, 30 Sep 2016 17:35:34 +0200

ruby-activerecord-3.2 (3.2.6-5+deb7u2) wheezy-security; urgency=medium

  * debian/patches/CVE-2015-7577.patch: properly implement destroy option.
    [CVE-2015-7577]

 -- Ola Lundqvist <opal@debian.org>  Thu, 26 May 2016 20:31:48 +0000

ruby-activerecord-3.2 (3.2.6-5+deb7u1) wheezy-security; urgency=medium

  * debian/patches/3-2-postgres-sqli.patch: fix vulnerabilities in PostgreSQL database
    adapter. [CVE-2014-3482] [CVE-2014-3483]

 -- Antonio Terceiro <terceiro@debian.org>  Mon, 14 Jul 2014 21:50:22 -0300

ruby-activerecord-3.2 (3.2.6-5) unstable; urgency=high

  * Bump build dependency on gem2deb to >- 0.3.0~ in debian/control.in
  * [CVE-2013-1854]: Fix symbol DoS vulnerability in Active Record

 -- Ondřej Surý <ondrej@debian.org>  Tue, 19 Mar 2013 09:36:39 +0100

ruby-activerecord-3.2 (3.2.6-4) unstable; urgency=high

  * debian/patches/CVE-2013-0155.patch: fix Unsafe Query Generation Risk
    [CVE-2013-0155] (Closes: #697744).

 -- Antonio Terceiro <terceiro@debian.org>  Wed, 09 Jan 2013 18:18:07 -0300

ruby-activerecord-3.2 (3.2.6-3) unstable; urgency=high

  * debian/patches/3-2-dynamic_finder_injection.patch: fix SQL injection
    vulnerability (CVE-2012-5664).

 -- Antonio Terceiro <terceiro@debian.org>  Thu, 03 Jan 2013 11:21:18 -0300

ruby-activerecord-3.2 (3.2.6-2) unstable; urgency=low

  * Bump build dependency on gem2deb to >= 0.3.0~

 -- Antonio Terceiro <terceiro@debian.org>  Sun, 24 Jun 2012 18:52:10 -0300

ruby-activerecord-3.2 (3.2.6-1) unstable; urgency=low

  * New upstream release. Fixes the following security problems:
    + CVE-2012-2695
    + CVE-2012-2660 (Closes: #675429)
    + CVE-2012-2661 (Closes: #675396)
  * debian/control:
    + Add myself to Uploaders:
    + Conflicty with ruby-activerecord-2.3
    + Review short description
  * debian/patches/Remove_rubygems_dependency.patch: do not require database
    adapters to be installed via Rubygems.

 -- Antonio Terceiro <terceiro@debian.org>  Sat, 16 Jun 2012 20:58:15 -0300

ruby-activerecord-3.2 (3.2.3-3) unstable; urgency=low

  * Add Conflicts with ruby-activerecord-2.3 (Closes: #673741, #673578)

 -- Ondřej Surý <ondrej@debian.org>  Wed, 23 May 2012 13:10:42 +0200

ruby-activerecord-3.2 (3.2.3-2) unstable; urgency=low

  * Fix binary package name ruby-activerecord -> ruby-activerecord-3.2

 -- Ondřej Surý <ondrej@debian.org>  Wed, 25 Apr 2012 13:44:18 +0200

ruby-activerecord-3.2 (3.2.3-1) unstable; urgency=low

  * Initial release

 -- Ondřej Surý <ondrej@debian.org>  Wed, 25 Apr 2012 13:43:56 +0200
