The recent rails vulnerability
Vít Ondruch
vondruch at redhat.com
Thu Jan 10 15:31:10 UTC 2013
Dne 10.1.2013 16:29, Vít Ondruch napsal(a):
> Dne 10.1.2013 16:14, Tejas Dinkar napsal(a):
>> Just in case you guys hadn't heard about it:
>> https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/61bkgvnSGTQ
>> <https://groups.google.com/forum/?fromgroups=#%21topic/rubyonrails-security/61bkgvnSGTQ>
>>
>>
>> This is considered an urgent fix.
>>
>>
>
> Thank you for heads-up.
>
> Rawhide was updated to Rails 3.2.11 yesterday and there are already
> updates for F18 [1] and F17 [2].
>
> Unfortunately, there is one incompatibility
[3] ... forgot to reference it :)
> introduced by these fixes, so I am not sure if I should push it into
> stable.
>
> Working on F16 now but I am afraid I'm not going to make it today :/
> But somebody will continue where I will end.
>
>
>
> Vít
>
>
>
> [1]
> https://admin.fedoraproject.org/updates/rubygem-actionpack-3.2.8-2.fc18,rubygem-activerecord-3.2.8-3.fc18,rubygem-activesupport-3.2.8-2.fc18
> [2]
> https://admin.fedoraproject.org/updates/rubygem-actionpack-3.0.11-8.fc17,rubygem-activerecord-3.0.11-5.fc17,rubygem-activemodel-3.0.11-2.fc17,rubygem-activesupport-3.0.11-7.fc17
> [3] https://github.com/rails/rails/issues/8832
> _______________________________________________
> ruby-sig mailing list
> ruby-sig at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/ruby-sig
More information about the ruby-sig
mailing list