[rubygem-activerecord/f14/master] updated activerecord postgres fix

Mohammed Morsi mmorsi at fedoraproject.org
Wed Sep 8 18:00:04 UTC 2010 

commit c84eaeb6f8c75984511d9964105fd689d3e69fcb
Author: Mohammed Morsi <mmorsi at redhat.com>
Date:   Wed Sep 8 14:05:46 2010 -0400

    updated activerecord postgres fix

 activerecord-2.3.8-postgres-fix.patch |   15 ++++++---------
 rubygem-activerecord.spec             |    5 ++++-
 2 files changed, 10 insertions(+), 10 deletions(-)
---
diff --git a/activerecord-2.3.8-postgres-fix.patch b/activerecord-2.3.8-postgres-fix.patch
index 9b300b4..3dbaee2 100644
--- a/activerecord-2.3.8-postgres-fix.patch
+++ b/activerecord-2.3.8-postgres-fix.patch
@@ -1,15 +1,12 @@
---- activerecord-2.3.8/lib/active_record/connection_adapters/postgresql_adapter.rb.orig  2010-08-16 21:14:25.710395992 -0400
-+++ activerecord-2.3.8/lib/active_record/connection_adapters/postgresql_adapter.rb 2010-08-16 21:15:33.091702801 -0400
-@@ -407,7 +407,11 @@ module ActiveRecord
+--- activerecord-2.3.8/lib/active_record/connection_adapters/postgresql_adapter.rb.orig	2010-09-08 13:41:46.000000000 -0400
++++ activerecord-2.3.8/lib/active_record/connection_adapters/postgresql_adapter.rb	2010-09-08 13:42:39.000000000 -0400
+@@ -407,6 +407,9 @@ module ActiveRecord
  
        # Quotes column names for use in SQL queries.
        def quote_column_name(name) #:nodoc:
--        PGconn.quote_ident(name.to_s)
-+        if PGconn.respond_to?(:quote_ident)
-+          PGconn.quote_ident(name.to_s)
-+        else
-+          %("#{name}")
++        unless PGconn.respond_to?(:quote_ident)
++           raise 'Your PostgreSQL connection does not support quote_ident. Try upgrading pg.'
 +        end
+         PGconn.quote_ident(name.to_s)
        end
  
-       # Quote date/time values for use in SQL input. Includes microseconds
diff --git a/rubygem-activerecord.spec b/rubygem-activerecord.spec
index 42a5ce9..e493fb3 100644
--- a/rubygem-activerecord.spec
+++ b/rubygem-activerecord.spec
@@ -10,7 +10,7 @@ Summary: Implements the ActiveRecord pattern for ORM
 Name: rubygem-%{gemname}
 Epoch: 1
 Version: 2.3.8
-Release: 3%{?dist}
+Release: 4%{?dist}
 Group: Development/Languages
 License: MIT
 URL: http://www.rubyonrails.org
@@ -109,6 +109,9 @@ rake test_sqlite3 --trace
 %{gemdir}/specifications/%{gemname}-%{version}.gemspec
 
 %changelog
+* Wed Sep 08 2010 Mohammed Morsi <mmorsi at redhat.com> - 1:2.3.8-4
+- Updated postgres fix to resolve security issue
+
 * Mon Aug 16 2010 Mohammed Morsi <mmorsi at redhat.com> - 1:2.3.8-3
 - Included postgres fix (patch also pushed upstream, see rails issue tracker)

More information about the scm-commits mailing list