13 Jan '13, 12am

Ruby on Rails security updates address SQL injection flaw #infosec

January 03, 2013 — IDG News Service — The developers of Ruby on Rails, a popular Web application development framework for the Ruby programming language, released versions 3.2.10, 3.1.9, and 3.0.18 of the software on Wednesday in order to patch a serious SQL injection vulnerability. "These releases contain an important security fix," the Rails development team said in a blog post . "It is recommended that all users upgrade immediately." The vulnerability is located in the framework's Active Record database query interface and allows potential attackers to inject arbitrary SQL (Structured Query Language) statements. SQL injection vulnerabilities are commonly exploited by attackers to extract information from databases. The Rails developers apologized for releasing a security update so close to the holidays, but said that they were forced to rush out a patch because the vuln...

Full article: http://www.csoonline.com/article/725387/ruby-on-rails-sec...

Tweets

Ruby on Rails security updates address SQL inje...

csoonline.com 14 Jan '13, 5am

January 03, 2013 — IDG News Service — The developers of Ruby on Rails, a popular Web application development framework for...

Update Ruby now before it goes off the Rails #I...

csoonline.com 12 Jan '13, 10pm

January 11, 2013 — PC World — Do you use Ruby on Rails? If so, it's time to update. Now. Ruby on Rails is an open source W...

Ruby on Rails security updates address SQL inje...

csoonline.com 04 Jan '13, 3pm

January 03, 2013 — IDG News Service — The developers of Ruby on Rails, a popular Web application development framework for...

SQL Injection Flaw in Ruby on Rails, (Wed, Jan ...

isc.sans.edu 09 Jan '13, 2am

A SQL Injection Flaw (CVE-2012-5664) was announced last week (Jan 2) in Ruby on Rails, but I think we missed reporting on ...

Ruby on Rails security updates address SQL inje...

networkworld.com 03 Jan '13, 7pm

IDG News Service - The developers of Ruby on Rails, a popular Web application development framework for the Ruby programmi...

Ruby on Rails security updates address SQL inje...

infoworld.com 03 Jan '13, 2pm

The developers of Ruby on Rails, a popular Web application development framework for the Ruby programming language, releas...

Me at @CSO_Australia: "Nasty Ruby on Rails vuln...

cso.com.au 11 Jan '13, 4am

The revelation of serious long-term vulnerabilities in the popular Ruby on Rails web programming framework is just one of ...

Ruby on Rails security updates address SQL inje...

news.techworld.com 03 Jan '13, 3pm

Ruby on Rails developers have released versions 3.2.10, 3.1.9, and 3.0.18 of the popular web application development frame...

Ruby on Rails updates address SQL injection fla...

computerworld.com 03 Jan '13, 3pm

IDG News Service - The developers of Ruby on Rails, a popular open source Web application development framework for the Ru...

New flaw in Ruby on Rails:

New flaw in Ruby on Rails:

infosecurity-magazine.com 09 Jan '13, 1pm

Earlier today the Internet Storm Center (ISC) reported , “A SQL Injection Flaw (CVE-2012-5664) was announced last week (Ja...

Ruby On Rails SQL Injection Flaw Has Serious Re...

it.slashdot.org 09 Jan '13, 4pm

This one is quite a serious flaw, and the data this website in question deals with is very important data (citizen IDs), s...

#Java zero-day exploit and #Ruby on Rails vulne...

blog.trendmicro.com 12 Jan '13, 12am

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Ruby on Rails derails 240,000 sites with enormo...

theregister.co.uk 10 Jan '13, 3pm

Popular programming framework Ruby on Rails is affected by two critical security vulnerabilities - one allowing anyone to ...

Your body language shapes who you are #TED #gAt...

ted.com 13 Jan '13, 10am

And there's a lot of reason to believe that this is a valid way to look at this. So social scientists have spent a lot of ...

Security expert review on #Java zero-day exploi...

blog.trendmicro.com 11 Jan '13, 10pm

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...