WebApp Sec mailing list archives
Ruby On Rails 1.1.5 Released to Address Critical Vulnerability
From: bugtraq () cgisecurity net
Date: Wed, 9 Aug 2006 21:33:17 -0400 (EDT)
From their blog
"We're still hard at work on Rails 1.2, which features all the new dandy REST stuff and more, but a serious security concern has come to our attention that needed to be addressed sooner than the release of 1.2 would allow. So here's Rails 1.1.5! This is a MANDATORY upgrade for anyone not running on a very recent edge (which isn't affected by this). If you have a public Rails site, you MUST upgrade to Rails 1.1.5. The security issue is severe and you do not want to be caught unpatched. The issue is in fact of such a criticality that we're not going to dig into the specifics. No need to arm would-be assalients." Blog URL: http://weblog.rubyonrails.com/ - Robert http://www.cgisecurity.com/ Website Security, and Application Security News http://www.cgisecurity.com/index.rss [RSS news Feed] ------------------------------------------------------------------------- Sponsored by: Watchfire Watchfire was recently named the worldwide market leader in Web application security assessment tools by both Gartner and IDC. Download a free trial of AppScan today and see why more customers choose AppScan then any other solution. Try it today! https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnB --------------------------------------------------------------------------
Current thread:
- Ruby On Rails 1.1.5 Released to Address Critical Vulnerability bugtraq (Aug 09)
- RE: [WEB SECURITY] Ruby On Rails 1.1.5 Released to Address Critical Vulnerability Caleb Sima (Aug 10)
- RE: Ruby On Rails 1.1.5 Released to Address Critical Vulnerability James Pujals (Aug 10)