12 Mar '12, 5am

When did this page show up? / "Security Advisories - Redmine"

This page lists the security vulnerabilities that were fixed in Redmine releases, starting from 1.3.0. If you think that you've found a security vulnerability, please report it by sending an email to: security(at)redmine.org.

Fixed in Redmine 1.3.2
Moderate: persistent XSS vulnerability (affected version: all previous releases)
Moderate: mass-assignment vulnerability that would allow an attacker to bypass part of the security checks (affected version: all previous releases)

Fixed in Redmine 1.3.0
High: vulnerability that would allow an attacker to bypass the CSRF protection (affected version: all previous releases)

Full article: http://www.redmine.org/projects/redmine/wiki/Security_Adv...

Tweets

Redmine 1.3.2 released

redmine.org 11 Mar '12, 8am

Added by Jean-Philippe Lang about 1 hour ago Redmine 1.3.2 fixes 13 defects and is available for download at Rubyforge . T...

DARPA Director speaks of Offensive Capabilities...

darpa.mil 12 Mar '12, 8pm

DARPA Director speaks of Offensive Capabilities in Cyber Security March 12, 2012 Since 2009, DARPA has been steadily incre...

Rails 3.2.2 is available, and contains two impo...

weblog.rubyonrails.org 15 Mar '12, 8pm

Rails 3.2.2 has been released. This release contains various bug fixes and two important security fixes. All users are rec...

A different approach to Rails mass-assignment s...

rubyflow.com 10 Mar '12, 10pm

A different approach to Rails mass-assignment security Posted by jordoh on March 10, 2012 — 0 comments Read this blog post...

DARPA: Don’t Try To Predict The Future Of Cyber...

darpa.mil 13 Mar '12, 4pm

DARPA: Don’t Try To Predict The Future Of Cyber Security, Build It March 13, 2012 Protecting Cyberspace and the Nation req...

Rails 3 support is planned for #Redmine 2.0.0. 1.4 is Ruby1.9/Rail...

redmine.org 11 Mar '12, 9am

The main goal of 2.0 release is to upgrade to the latest Rails 3 version (3.2.2 at the time of writing). There will be no ...

link: Ruby on Rails Guides: Ruby On Rails Secur...

edgeguides.rubyonrails.org 14 Mar '12, 9pm

The threats against web applications include user account hijacking, bypass of access control, reading or modifying sensit...

Learn WordPress – One Quick Way To Improve Word...

morganlinton.com 09 Mar '12, 6pm

There are a million different tutorials out there about ways to secure WordPress. While I also recommend a complete regime...

President Obama Uses Cyberattack Scenario to Promote New Security Legislation

searchenginejournal.com 09 Mar '12, 3pm

On Wednesday evening, a group of senators gathered as New York City’s power grid was rendered useless by a cyberattack – t...

Army

army.mil 12 Mar '12, 8am

FORT BENNING, Ga. (March 7, 2012) -- "Is a badge on Foursquare worth your life?" The question was posed by Brittany Brown,...

Video: analysts, companies grapple with mobile s...

eetimes.com 07 Mar '12, 4pm

Video: analysts, companies grapple with mobile security issues Sylvie Barak 3/7/2012 10:55 AM EST BRUSSELS--Mobile phones ...