ruby-changes:27035
From: zzak <ko1@a...>
Date: Wed, 6 Feb 2013 12:50:08 +0900 (JST)
Subject: [ruby-changes:27035] zzak:r39087 (trunk): * NEWS: Add note about removal of CSV::load and CSV::dump from r39077
zzak 2013-02-06 12:49:59 +0900 (Wed, 06 Feb 2013) New Revision: 39087 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=39087 Log: * NEWS: Add note about removal of CSV::load and CSV::dump from r39077 Modified files: trunk/ChangeLog trunk/NEWS Index: ChangeLog =================================================================== --- ChangeLog (revision 39086) +++ ChangeLog (revision 39087) @@ -1,3 +1,7 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Wed Feb 6 12:49:00 2013 Zachary Scott <zachary@z...> + + * NEWS: Add note about removal of CSV::load and CSV::dump from r39077 + Wed Feb 6 05:57:00 2013 Zachary Scott <zachary@z...> * lib/racc/parser.rb: Hide copyright notice from Racc doc Index: NEWS =================================================================== --- NEWS (revision 39086) +++ NEWS (revision 39087) @@ -210,6 +210,10 @@ with all sufficient information, see the https://github.com/ruby/ruby/blob/trunk/NEWS#L210 * When HTML5 tagmaker called, overwrite CGI#header, CGI#header function is to create a <header> element. +* CSV + * Removed CSV::dump and CSV::load to protect users from dangerous + serialization vulnerability + * iconv * Iconv has been removed. Use String#encode instead. -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/