Isc.Sans.Edu Site Info - OpenRuby.com

Follow @openruby

#NA

isc.sans.edu

http://openruby.com/sites/isc.sans.edu

ISC Diary | SQL Injection Flaw in Ruby on Rails

isc.sans.edu 09 Jan '13, 2am

A SQL Injection Flaw (CVE-2012-5664) was announced last week (Jan 2) in Ruby on Rails, but I think we missed reporting on it (thanks to one of our readers for pointing this out). Updates that resolve this are: 3.2.10, 3.1.9, and 3.0.18 Because of the security profile of Ruby on Rails ...
Related:
1. Infosecurity - New flaw in Ruby on Rails infosecurity-magazine.com 09 Jan '13, 1pm
2. Ruby On Rails SQL Injection Flaw Has Serious Real-Life Consequences - Slashdot it.slashdot.org 09 Jan '13, 4pm
3. Ruby on Rails security updates address SQL injection flaw csoonline.com 14 Jan '13, 5am
4. Ruby on Rails vulnerable to six year old flaw zdnet.com 09 Jan '13, 1am
5. Ruby on Rails security updates address SQL injection flaw csoonline.com 13 Jan '13, 12am
6. All Ruby On Rails Versions Suffer SQL Injection Flaw - Slashdot it.slashdot.org 03 Jan '13, 4pm
7. All Ruby On Rails Versions Suffer SQL Injection Flaw - Slashdot it.slashdot.org 03 Jan '13, 4pm
8. Ruby on Rails SQL Injection Flaw a Non-Issue for Most Organizations | Secur... securityweek.com 04 Jan '13, 12pm

Related