Skip to content

Commit 5316b35

Browse files
mshibuyamshibuya
committed
Version 3.0.5
1 parent 863d425 commit 5316b35

File tree

2 files changed

+9
-1
lines changed

2 files changed

+9
-1
lines changed

CHANGELOG.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,14 @@ This project adheres to [Semantic Versioning](http://semver.org/).
55

66
## [Unreleased]
77

8+
## 3.0.5 - 2023-11-29
9+
10+
### Fixed
11+
* Remove unnecessary if clause within #filename left in the uploader template (@rajyan, [#2711](https://github.com/carrierwaveuploader/carrierwave/pull/2711))
12+
13+
### Security
14+
* Fix Content-Type allowlist bypass vulnerability, possibly leading to XSS (@mshibuya, [863d425](https://github.com/carrierwaveuploader/carrierwave/commit/863d425c76eba12c3294227b39018f6b2dccbbf3), [GHSA-gxhx-g4fq-49hj](https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj))
15+
816
## 3.0.4 - 2023-10-08
917

1018
### Fixed

lib/carrierwave/version.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,3 @@
11
module CarrierWave
2-
VERSION = "3.0.4".freeze
2+
VERSION = "3.0.5".freeze
33
end

0 commit comments

Comments
 (0)