For those concerned about @padrinorb in the light of current security issues, here is a blog post for you:

Blog Sleep well: YAML vulnerabilites and

padrinorb.com 04 Feb '13, 4pm

For those concerned about @padrinorb in the light of current security issues, here is a blog post for you:

Rails and the Ruby community had their fair share of security vulnerabilities in the recent days. Where does that leave Padrino users? In short: You are safe, unless you explicitely activated some form of parameter parsing that either parses YAML directly or uses XmlMini when accepting requests or parsing responses from backend sources. Currently, some security issues plagued the Rails community. The most dangerous is CVE -156 , which is present in almost all Rails installations. Default Sinatra and Padrino are unaffected, see this discussion on the Sinatra mailing list for details. All hints given there are true for Padrino users as well. If you are using any of the Rails components in question either directly or through dependencies, you should upgrade them. The most important components in question are YAML (both Psych and Syck) or XmlMini. Popular projects using them a...

Full article: http://www.padrinorb.com/blog/sleep-well-yaml-vulnerabili...

Tweets

@Xylakant » 04 Feb '13, 4pm
RT @Argorak: For those concerned about @padrinorb in the light of current security issues, here is a blog post for you: [link]
@Argorak » 04 Feb '13, 4pm
For those concerned about @padrinorb in the light of current security issues, here is a blog post for you: [link]
@padrinorb » 04 Feb '13, 5pm
RT @Argorak: For those concerned about @padrinorb in the light of current security issues, here is a blog post for you: [link]
@Asquera » 04 Feb '13, 5pm
RT @Argorak: For those concerned about @padrinorb in the light of current security issues, here is a blog post for you: [link]
@freaklikeme » 04 Feb '13, 4pm
RT @Argorak: For those concerned about @padrinorb in the light of current security issues, here is a blog post for you: [link]