Major Security Hole Found In Rails 177
mudimba writes "A major security hole has been found in Ruby on Rails. Upgrading to version 1.1.5 is extremely urgent, and all previous versions except those "on a very recent edge" are affected. Details on the exact nature of the flaw will be coming soon, but the rails team has decided to wait a short time before disclosure so that people can have a chance to upgrade their servers before would-be-assailants are armed." Update: 08/10 13:56 GMT by J : Now they're saying only the last six months of releases are affected: 1.1.0 through 1.1.4.
Major Security Hole Found In Rails (Score:5, Funny)
Re:How few? (Score:5, Funny)
Re:RoR lacks maturity (Score:5, Funny)
Re:How few? (Score:5, Funny)
http://www.rubyonrails.org/index.php [rubyonrails.org]
I still get a kick out of that.
Re: Major Security Hole Found In Rails (Score:3, Funny)
Security temporarily unavailable (Score:5, Funny)
http://wiki.rubyonrails.org/rails/pages/Security [rubyonrails.org]
Service Temporarily Unavailable
Seems an appropriate response!
Patch (Score:4, Funny)
Patch available here [djangoproject.com].
Re:I'm really trying to like Rails, but... (Score:1, Funny)
Rails (Score:5, Funny)
Oops.
Re: Major Security Hole Found In Rails (Score:3, Funny)