Update rails to 3.2.11 #179

Closed
wants to merge 1 commit into
from

Conversation

Projects
None yet
2 participants
@jfirebaugh
Member

jfirebaugh commented Jan 10, 2013

This patches severe security vulnerabilities. See:
http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/

Proof-of-concept remote code execution will be published in a matter of hours:
https://twitter.com/hdmoore/status/289189534665678849

@jfirebaugh

This comment has been minimized.

Show comment Hide comment
@jfirebaugh

jfirebaugh Jan 10, 2013

Member

Looks like this is already in the commit history at git://git.openstreetmap.org/rails.git, and the mirroring is lagging.

Member

jfirebaugh commented Jan 10, 2013

Looks like this is already in the commit history at git://git.openstreetmap.org/rails.git, and the mirroring is lagging.

@jfirebaugh jfirebaugh closed this Jan 10, 2013

@tomhughes

This comment has been minimized.

Show comment Hide comment
@tomhughes

tomhughes Jan 10, 2013

Owner

Plus we have the parameter parsers disabled anyway.

Owner

tomhughes commented Jan 10, 2013

Plus we have the parameter parsers disabled anyway.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment