ruphus13 writes: Ruby continues to be in the spotlight, but this time for the wrong reasons. "A member of Apple's security team has discovered multiple serious security vulnerabilities in Ruby, the popular open-source scripting language. According to an advisory on the Ruby project site, Apple's Drew Yao reported at least six of the vulnerabilities, which can be exploited to cause a denial-of-service condition or the execution of arbitrary code." The article goes on to state, "These vulnerabilities are likely to crop up in just about any average ruby web application. And by "crop up" I mean "crop up exploitable from trivial user-specified parameters". It's not hard to begin imagining cases where Ruby/Rails programmers use code similar to the samples above to routinely handle user input."
Attend or create a Slashdot 20th anniversary party! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×