You can clone with
I'm not terribly familiar with Ruby/Rails, so I have a few questions for those that are more knowledgeable:
Here's the notice: https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
Thank you for your help!
@randx @vsizov we should update Rails to 3.2.11 and ship GitLab 4.0.1
we have many changes for now. Maybe we should create branch based on 4.0.0 and create corresponding tag?!
@vsizov we already have a 4-0-stable branch. We may need to backport some fixes from master and then ship it. Especially because of the above vulnerability.
You've probably already seen it, but I also felt I should mention that the fix seems to introduce another issue: rails/rails#8832
Would this affect Gitlab at all?
Updating Rails to 3.2.11 doesn't trip any of the automatic tests to fail, but that doesn't necessarily guarantee rails/rails#8832 isn't problematic.
Works For Me™ as well as the test suite.