H Online.Com Site Info - OpenRuby.com

#NA

h-online.com

The H: Security news and Open source developments

The H brings you the in-depth coverage of the world of IT, communications, data security and the politics of technology.

SQL injection vulnerability hits all Ruby on Rails versions - The H Open: News and Features

h-online.com 03 Jan '13, 9am

The Ruby on Rails developers are warning of an SQL injection vulnerability that affects all current versions of the web framework. New releases of Ruby on Rails – 3.2.10, 3.1.9 and 3.0.18 – are now available . It is recommended that all users update immediately. For users unable to up...
Related:
1. SQL injection vulnerability hits all Ruby on Rails versions - The H Securit... h-online.com 03 Jan '13, 9am
2. SQL Injection Vulnerability in Ruby on Rails; affects all versions news.ycombinator.com 02 Jan '13, 9pm
3. SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) permalink.gmane.org 02 Jan '13, 9pm
4. SQL Injection Vulnerability in Ruby on Rails; affects all versions: news.ycombinator.com 02 Jan '13, 11pm
5. SQL Injection Vulnerability in several versions of Rails! rubyflow.com 02 Jan '13, 11pm
6. SQL Injection Vulnerability in Ruby on Rails; affects all versions: Comments groups.google.com 02 Jan '13, 10pm
7. Oh shit : SQL Injection Vulnerability in Ruby on Rails; affects all versions groups.google.com 02 Jan '13, 10pm
8. SQL Injection Vulnerability in Ruby on Rails; affects all versions groups.google.com 02 Jan '13, 9pm
More Rails security fixes released - The H Open:

h-online.com 12 Feb '13, 4pm

The Ruby on Rails Developers have released updates to Rails 3.2, 3.1 and 2.3 and made users aware of an update to the JSON gem to close an important security flaw. Most notable of the problems is CVE-2013-0277 , another problem with serialised attributes in YAML. The flaw, which only ...
Related:
1. More Rails security fixes released - The H Security: h-online.com 12 Feb '13, 4pm
2. New vulnerabilities just being disclosed on Ruby On Rails. YAML and JSON...... groups.google.com 11 Feb '13, 7pm
3. [SEC][ANN] Rails 3.2.12, 3.1.11, and 2.3.17 have been released! weblog.rubyonrails.org 11 Feb '13, 6pm
4. Ruby on Rails 3.2.12, 3.1.11 and 2.3.17 Released to Address Security Holes news.softpedia.com 13 Feb '13, 11am
5. Neues Sicherheits-Update für Ruby on Rails | heise Security heise.de 12 Feb '13, 5pm
6. Ruby on Rails Patches DoS, Remote Execution Flaws threatpost.com 13 Feb '13, 6pm
7. Did Rails have a major security flaw today? didrailshaveamajorsecurityflawtoday.com 12 Feb '13, 3pm
8. Neues Sicherheits-Update für Ruby on Rails | heise open heise.de 12 Feb '13, 5pm
More Rails security fixes released - The H Security:

h-online.com 12 Feb '13, 4pm

The Ruby on Rails Developers have released updates to Rails 3.2, 3.1 and 2.3 and made users aware of an update to the JSON gem to close an important security flaw. Most notable of the problems is CVE-2013-0277 , another problem with serialised attributes in YAML. The flaw, which only ...
Related:
1. More Rails security fixes released - The H Open: h-online.com 12 Feb '13, 4pm
2. New vulnerabilities just being disclosed on Ruby On Rails. YAML and JSON...... groups.google.com 11 Feb '13, 7pm
3. Ruby on Rails 3.2.12, 3.1.11 and 2.3.17 Released to Address Security Holes news.softpedia.com 13 Feb '13, 11am
4. Did Rails have a major security flaw today? didrailshaveamajorsecurityflawtoday.com 12 Feb '13, 3pm
5. [SEC][ANN] Rails 3.2.12, 3.1.11, and 2.3.17 have been released! weblog.rubyonrails.org 11 Feb '13, 6pm
6. Neues Sicherheits-Update für Ruby on Rails | heise Security heise.de 12 Feb '13, 5pm
7. 1 year old but still usefull. Slides from my #RoR security talk at Source B... blog.gdssecurity.com 20 Feb '13, 9pm
8. Ruby on Rails Patches DoS, Remote Execution Flaws threatpost.com 13 Feb '13, 6pm
SQL injection vulnerability hits all Ruby on Rails versions - The H Security: News and Features

h-online.com 03 Jan '13, 9am

The Ruby on Rails developers are warning of an SQL injection vulnerability that affects all current versions of the web framework. New releases of Ruby on Rails – 3.2.10, 3.1.9 and 3.0.18 – are now available . It is recommended that all users update immediately. For users unable to up...
Related:
1. SQL injection vulnerability hits all Ruby on Rails versions - The H Open: N... h-online.com 03 Jan '13, 9am
2. SQL Injection Vulnerability in Ruby on Rails; affects all versions news.ycombinator.com 02 Jan '13, 9pm
3. SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) permalink.gmane.org 02 Jan '13, 9pm
4. SQL Injection Vulnerability in several versions of Rails! rubyflow.com 02 Jan '13, 11pm
5. SQL Injection Vulnerability in Ruby on Rails; affects all versions: news.ycombinator.com 02 Jan '13, 11pm
6. SQL Injection Vulnerability in Ruby on Rails; affects all versions: Comments groups.google.com 02 Jan '13, 10pm
7. Oh shit : SQL Injection Vulnerability in Ruby on Rails; affects all versions groups.google.com 02 Jan '13, 10pm
8. SQL Injection Vulnerability in Ruby on Rails; affects all versions groups.google.com 02 Jan '13, 9pm
Exploits for Ruby on Rails holes now in circulation - The H Open:

h-online.com 10 Jan '13, 4pm

Since the reports of a critical vulnerability in Ruby on Rails , the first exploits have begun circulating and the first reports of hijacked web servers are already coming in. The hole is extremely dangerous as it affects a very large number of applications and servers. Anyone who adm...
Related:
1. Update Ruby now before it goes off the Rails pcworld.com 10 Jan '13, 10pm
2. ModSecurity Mitigations for Ruby on Rails XML Exploits - SpiderLabs Anterior blog.spiderlabs.com 10 Jan '13, 6pm
3. Ronin - Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155 ronin-ruby.github.com 10 Jan '13, 7am
4. Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs - Da... darkreading.com 10 Jan '13, 9pm
5. Dutch govt pulls Ruby on Rails, exploits become semi-automated zdnet.com 11 Jan '13, 5am
6. Metasploit: Exploiting Ruby on Rails with Metas... | SecurityStreet community.rapid7.com 10 Jan '13, 6pm
7. Critical vulnerability in Ruby on Rails parameter parsing - The H Open: New... h-online.com 09 Jan '13, 11am
8. Exploit Code, Metasploit Module Out for Ruby on Rails Flaws threatpost.com 10 Jan '13, 3pm
Rails::API strips the fat off Ruby on Rails - The H Open: News and Features

h-online.com 23 Nov '12, 4pm

A group of Ruby on Rails developers has announced Rails::API, a derivative of the original Rails project that provides a slimmed-down set of functions which are useful for developers using Rails to write applications that use a backend API-only server or servers. This new subset of th...
Related:
1. freelance.nl - de grootste werk marktplaats van nederland. freelance.nl 23 Nov '12, 2pm
2. rails-api/rails-api github.com 22 Nov '12, 9pm
3. Code School codeschool.com 24 Nov '12, 3am
4. MacOSX-Lionでrbenvを使ってRubyOnRailsの環境構築すると、以下のようなメッセージが出てドハマリしたけど、なんとか解決したこと.... qiita.com 23 Nov '12, 3pm
5. Now Hiring: web developer - PHP Ruby on Rails php: I want to develop a crow... spacecoastprojects.donanza.com 23 Nov '12, 9pm
6. Introducing the Rails API Project - Literate Programming blog.steveklabnik.com 22 Nov '12, 9pm
7. Developer/Some Telecommute/85-95K with FirstPro | 4078820 jobs.telegraph.co.uk 23 Nov '12, 10pm
8. Ruby on Rails Developer odesk.com 24 Nov '12, 4am
Critical vulnerability in Ruby on Rails parameter parsing - The H Open: News and Features

h-online.com 09 Jan '13, 11am

The developers of Ruby on Rails are calling on users to update their Rails installations as soon as possible, following the public disclosure of flaws in the parsing of XML-formatted parameters in the Rails framework. The update also fixes an unrelated issue with JSON parameter parsin...
Related:
1. Critical vulnerability in Ruby on Rails parameter parsing - The H Security: h-online.com 09 Jan '13, 11am
2. Analysis of Rails XML Parameter Parsing Vulnerability - Insinuator insinuator.net 08 Jan '13, 9pm
3. Any Ruby on Rails app is, badly, utterly, pwned through multiple parameter ... groups.google.com 09 Jan '13, 3am
4. Ruby on Rails patches more critical vulnerabilities | Security - InfoWorld infoworld.com 09 Jan '13, 12pm
5. Ruby on Rails patches more critical vulnerabilities news.hitb.org 09 Jan '13, 10am
6. Critical Flaws Patched in Ruby on Rails threatpost.com 08 Jan '13, 9pm
7. Critical Ruby on Rails flaws fixed, upgrade immediately net-security.org 09 Jan '13, 2pm
8. Ruby on Rails releases "extremely critical" fixes - SC Magazine scmagazine.com 09 Jan '13, 5pm
Critical vulnerability in Ruby on Rails parameter parsing - The H Security:

h-online.com 09 Jan '13, 11am

The developers of Ruby on Rails are calling on users to update their Rails installations as soon as possible, following the public disclosure of flaws in the parsing of XML-formatted parameters in the Rails framework. The update also fixes an unrelated issue with JSON parameter parsin...
Related:
1. Critical vulnerability in Ruby on Rails parameter parsing - The H Open: New... h-online.com 09 Jan '13, 11am
2. Analysis of Rails XML Parameter Parsing Vulnerability - Insinuator insinuator.net 08 Jan '13, 9pm
3. Any Ruby on Rails app is, badly, utterly, pwned through multiple parameter ... groups.google.com 09 Jan '13, 3am
4. Ruby on Rails patches more critical vulnerabilities | Security - InfoWorld infoworld.com 09 Jan '13, 12pm
5. Critical Flaws Patched in Ruby on Rails threatpost.com 08 Jan '13, 9pm
6. Ruby on Rails patches more critical vulnerabilities news.hitb.org 09 Jan '13, 10am
7. Ruby on Rails releases "extremely critical" fixes - SC Magazine scmagazine.com 09 Jan '13, 5pm
8. Critical Ruby on Rails flaws fixed, upgrade immediately net-security.org 09 Jan '13, 2pm

Related:

Related:

Related:

Related:

Related:

Related:

Related:

Related:

Related