Changes since 2.3.0:
- Fix check for CVE-2013-4491 (i18n XSS) to detect workaround
- Fix link for CVE-2013-6415 (number_to_currency)
Two minor bugs were fixed in this release. Please see the 2.3.0 release post if you are upgrading from an earlier version.
(changes)
i18n XSS Workaround
Brakeman 2.3.0 included a check for the official i18n XSS workaround, but it was commented out during testing and unfortunately left that way.
CVE-2013-6415 Link
The link provided for CVE-2013-6415 in Brakeman 2.3.0 was copy-pasted from an older check. This has been fixed.
SHAs
The SHA sums for this release are
469b209a4c72f5a1133d696575caeee1675837e7 brakeman-2.3.1.gem
827e1cdefba543f59ed5070aaa3f587d8c7d9513 brakeman-min-2.3.1.gem
Reporting Issues
Thank you to everyone who reported bugs and contributed to this release!
Please report any issues with this release. Take a look at this guide to reporting Brakeman problems.
Hang out on GitHub for questions and discussion.