Google Groups Home
Help | Sign in
Ruby on Rails: Security
Home
Pages
Files
About this group
Join this group
Rails 1.2.5: Closes JSON XSS vulnerability
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   1 message - Collapse all
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
DHH  
View profile
 (1 user)  More options Oct 12 2007, 12:50 pm
From: DHH <david.heineme...@gmail.com>
Date: Fri, 12 Oct 2007 16:50:53 -0000
Local: Fri, Oct 12 2007 12:50 pm
Subject: Rails 1.2.5: Closes JSON XSS vulnerability
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
This release closes a JSON XSS vulnerability, fixes a couple of minor
regressions introduced in 1.2.4, and backports a handful of features
and fixes from the 2.0 preview release.

All users of Rails 1.2.4 or earlier are advised to upgrade to 1.2.5,
though it isn't strictly necessary if you aren't working with JSON.
For more information the JSON vulnerability, see CVE-2007-3227.


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2008 Google