[Ruby] Major Security Hole Found In Rails
Raymond Forbes
rforbes at e-stalkers.net
Thu Aug 10 15:30:46 PDT 2006
When you upgrade rails how does that affect your currently built apps? Is there an upgrade process for them?
-Raymond
-----Original Message-----
From: ruby-bounces at zenspider.com [mailto:ruby-bounces at zenspider.com] On Behalf Of Scott Laird
Sent: Thursday, August 10, 2006 2:54 PM
To: Seattle Ruby Brigade!
Subject: Re: [Ruby] Major Security Hole Found In Rails
Yeah, fun stuff. I've spit out two Typo releases in the last 24 hours
thanks to this mess.
FWIW, you can work around the bug by removing the default
:controller/:action/:id route from your routes.rb. See
http://bofh.org.uk/articles/2006/08/10/working-round-the-rails-showstopper,
or just upgrade to Rails 1.1.6.
Scott
On 8/10/06, Daevid Vincent <daevid at daevid.com> wrote:
> http://developers.slashdot.org/article.pl?sid=06/08/10/0213259&from=rss
>
> ÐÆ5ÏÐ
>
> _______________________________________________
> Ruby at zenspider.com
> http://www.zenspider.com/seattle.rb
> http://www.zenspider.com/mailman/listinfo/ruby
>
_______________________________________________
Ruby at zenspider.com
http://www.zenspider.com/seattle.rb
http://www.zenspider.com/mailman/listinfo/ruby
More information about the Ruby
mailing list