18 Mar '13, 6pm

Better link for today's 4 Rails CVEs: New Brakeman checks expected later today.

Hi everyone! Rails versions 3.2.13, 3.1.12, and 2.3.18 have been released. These releases contain important security fixes. It is recommended users upgrade as soon as possible. Please check out these links for the security fixes: * [CVE-2013-1854 Symbol DoS vulnerability in Active Record](https://groups.google.com/forum/#!topic/ruby-secur... ) * [CVE-2013-1855 XSS vulnerability in sanitize_css in Action Pack](https://groups.google.com/forum/?fromgroups=#!topi... ) * [CVE-2013-1856 XML Parsing Vulnerability affecting JRuby users](https://groups.google.com/forum/?fromgroups=#!topi... ) * [CVE-2013-1857 XSS Vulnerability in the `sanitize` helper of Ruby on Rails](https://groups.google.com/forum/?fromgroups=#!topi... ) All versions of Rails are impacted by one or more of these security issues, but per our [maintenance policy](https://groups.google.com/forum/?fromgroups=#!topi....

Full article: http://www.ruby-forum.com/topic/4412118

Tweets

Rails

weblog.rubyonrails.org 18 Mar '13, 5pm

Rails versions 3.2.13, 3.1.12, and 2.3.18 have been released. These releases contain important security fixes. It is recom...

Base.serialize - Beware - May cause performance...

apidock.com 18 Mar '13, 3pm

If you have an attribute that needs to be saved to the database as an object, and retrieved as the same object, then speci...

Best IDEs for Ruby on Rails - Ruby Forum

ruby-forum.com 22 Mar '13, 4am

On 16 March 2013 04:40, Jason Hsu, Android developer <[email protected]> wrote: > What are your favorite IDEs for Ruby ...

What's New in Edge Rails #61

afreshcup.com 18 Mar '13, 1pm

is Mike Gunderloy's software development weblog, covering Ruby on Rails and whatever else I find interesting in the univer...

morris-rails - Morris.js for the Rails 3 Asset ...

rubyflow.com 18 Mar '13, 4am

morris-rails - Morris.js for the Rails 3 Asset Pipeline Posted by RyanScottLewis on March 18, 2013 — 0 comments morris-rai...

#Redmine 2.3.0/2.2.4 released Ruby 2.0 support!...

redmine.org 19 Mar '13, 9pm

The new feature release Redmine 2.3.0 is available for download at Rubyforge . Here are the highlights: Spent time list an...

Should you upgrade Rails from 3.2.12 to 3.2.13?

rubyflow.com 25 Mar '13, 7pm

Should you upgrade Rails from 3.2.12 to 3.2.13? Posted by gravis on March 25, 2013 — 0 comments If you wonder if you shoul...

Double Shot #1088

afreshcup.com 19 Mar '13, 12pm

is Mike Gunderloy's software development weblog, covering Ruby on Rails and whatever else I find interesting in the univer...

Roads to Nowhere's response to Heysham Link roa...

bettertransport.org.uk 19 Mar '13, 1pm

Campaigners condemn Heysham-M6 link road decision 19 March 2013 Immediate release Campaign for Better Transport has condem...