Better link for today's 4 Rails CVEs: New Brakeman checks expected later today.

[SEC] [ANN] Rails 3.2.13, 3.1.12, and 2.3.18 have been released!

ruby-forum.com 18 Mar '13, 6pm

Better link for today's 4 Rails CVEs: New Brakeman checks expected later today.

Hi everyone! Rails versions 3.2.13, 3.1.12, and 2.3.18 have been released. These releases contain important security fixes. It is recommended users upgrade as soon as possible. Please check out these links for the security fixes: * [CVE-2013-1854 Symbol DoS vulnerability in Active Record](https://groups.google.com/forum/#!topic/ruby-secur... ) * [CVE-2013-1855 XSS vulnerability in sanitize_css in Action Pack](https://groups.google.com/forum/?fromgroups=#!topi... ) * [CVE-2013-1856 XML Parsing Vulnerability affecting JRuby users](https://groups.google.com/forum/?fromgroups=#!topi... ) * [CVE-2013-1857 XSS Vulnerability in the `sanitize` helper of Ruby on Rails](https://groups.google.com/forum/?fromgroups=#!topi... ) All versions of Rails are impacted by one or more of these security issues, but per our [maintenance policy](https://groups.google.com/forum/?fromgroups=#!topi....

Full article: http://www.ruby-forum.com/topic/4412118

Tweets

@presidentbeef » 18 Mar '13, 6pm
RT @brakeman: Better link for today's 4 Rails CVEs: [link] New Brakeman checks expected later today.
@brakeman » 18 Mar '13, 6pm
Better link for today's 4 Rails CVEs: [link] New Brakeman checks expected later today.

[SEC] [ANN] Rails 3.2.13, 3.1.12, and 2.3.18 have been released!

Better link for today's 4 Rails CVEs: New Brakeman checks expected later today.

Tweets

Rails

Base.serialize - Beware - May cause performance...

Best IDEs for Ruby on Rails - Ruby Forum

What's New in Edge Rails #61

morris-rails - Morris.js for the Rails 3 Asset ...

#Redmine 2.3.0/2.2.4 released Ruby 2.0 support!...

Should you upgrade Rails from 3.2.12 to 3.2.13?

Double Shot #1088

Roads to Nowhere's response to Heysham Link roa...