09 Jan '13, 12pm

Ruby on Rails patches more critical vulnerabilities

Those using the Ruby on Rails Web application framework on their websites are being advised to update the software immediately after multiple new vulnerabilities were found. It's the second time this month that Rails has been patched because of serious flaws. Ruby on Rails is an open-source Web application development framework that is widely used across the Internet on websites including Hulu, GroupOn, and Scribd. [ InfoWorld's expert contributors show you how to secure your Web browsers in the "Web Browser Security Deep Dive " PDF guide. Download it today! | Stay up to date on the latest security developments with InfoWorld's Security Adviser blog and Security Central newsletter . ] One of the problems, CVE-2013-0156 , lies in the parameter parsing code for Ruby on Rails, which would allow attackers to bypass authentication systems, perform SQL injection attacks or a den...

Full article: http://www.infoworld.com/d/security/ruby-rails-patches-mo...

Tweets

Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on

Ruby on Rails patches more critical vulnerabili...

news.hitb.org 09 Jan '13, 10am

Those using the Ruby on Rails web application framework on their websites are being advised to update the software immedia...

Ruby on Rails 3.2.11 released to address 2 "ext...

news.softpedia.com 09 Jan '13, 10am

Less than one week has passed since Ruby on Rails 3.2.10 was released to address an SQL Injection vulnerability. However, ...

Critical vulnerability in Ruby on Rails paramet...

h-online.com 09 Jan '13, 11am

The developers of Ruby on Rails are calling on users to update their Rails installations as soon as possible, following th...

Critical Ruby on Rails flaws fixed, upgrade imm...

net-security.org 09 Jan '13, 2pm

For the second week in a row since the start of the new year, users of open source web application framework Ruby on Rails...

Read @adamjodonnell's insights on the latest Ru...

blog.sourcefire.com 09 Jan '13, 8pm

A little under 24 hours ago two major, long-standing vulnerabilities were announced in the popular web programming framewo...

Critical vulnerability in Ruby on Rails paramet...

h-online.com 09 Jan '13, 11am

The developers of Ruby on Rails are calling on users to update their Rails installations as soon as possible, following th...

Critical Flaws Patched in Ruby on Rails

threatpost.com 08 Jan '13, 9pm

"There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentica...

Ruby on Rails releases "extremely critical" fixes

scmagazine.com 09 Jan '13, 5pm

The maintainers of the Ruby on Rails have pushed out the second update in a week to fix critical holes in the web applicat...

Ruby on Rails Releases 'Extremely Critical' Sec...

securityweek.com 09 Jan '13, 6pm

The latest versions, 3.2.11, 3.1.10, 3.0.19, and 2.3.15 have been updated with "two extremely critical security fixes" and...

Ruby on Rails Vulnerabilities Discovered, Users Urged to Update Immediately

Ruby on Rails Vulnerabilities Discovered, Users...

thewhir.com 10 Jan '13, 4pm

A vulnerability discovered on the Ruby on Rails web application framework allows attackers to bypass authentication system...

Ruby on Rails pushing out 'extremely critical' fixes: Workaround available.

Ruby on Rails pushing out 'extremely critical' ...

scmagazine.com.au 09 Jan '13, 2am

The maintainers of Ruby on Rails have pushed out the second update in a week to fix a critical hole in the framework which...

Rails vulnerabilities are not Rails'

revision-zero.org 12 Jan '13, 6pm

Would it make sense for Rails controllers to accept YAML-encoded parameters? Of course it does. URL-encoded, XML, and JSON...

Any Ruby on Rails app is, badly, utterly, pwned...

groups.google.com 09 Jan '13, 3am

Dieser Browser wird nicht unterstützt.

Extremely critical Ruby on Rails bug threatens ...

linuxtoday.com 09 Jan '13, 8pm

Extremely critical Ruby on Rails bug threatens more than 200,000 sites Jan 09, 2013, 11:00 (0 Talkback[s] ) Tweet Hundreds...

Exploit Code for Ruby on Rails Flaw Likely on t...

threatpost.com 09 Jan '13, 4pm

The vulnerabilities patched Tuesday in the Ruby on Rails Web framework have security researchers warning of the potential ...