Rails security issue

[Thomas Chemineau]

Hi,

I would like to know if OpenVZ Web Panel is concerned by the recent significant security issues discovered in Rails. Does the recent project's update fix them ?

Best regards,

Thomas.

[Alexei Yuzhakov]

As a Rails developer I could say that no real reason to panic for panel users. Anyway v2.2 is already available via development channel and will be released soon. 

--
You received this message because you are subscribed to the Google Groups "OpenVZ Web Panel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ovz-web-pane...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
Best regards,
  Alexei "SibProgrammer" Yuzhakov
  Blog: http://blog.softunity.com.ru/

[Thomas Chemineau]

I recommand you to read this post:

http://www.kalzumeus.com/2013/01/31/what-the-rails-security-issue-means-for-your-startup/

Exploits are availables. My panel is connected to Internet, but for the moment I stopped it until security issues are fixed.

Thomas Chemineau

2013/2/8 Daniel van den Oord <d.o...@upcmail.nl>

This soly depends on wether or not you have this panel connected to the internet directly...

if so.. yeah you are vulnerable..

Op 8 februari 2013 om 1:38 schreef Alexei Yuzhakov <sibpro...@gmail.com>:

[Alexei Yuzhakov]

I not only read but even tried every exploit against the panel. There is a lot of buzz about this holes but in reality everything doesn't look so bad in context of Owp.

Anyway v2.2 is out and you can upgrade.