Mike Zornek on 9 Aug 2006 18:55:39 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PhillyOnRails] Any news on whats what with 1.1.5?


> This is a MANDATORY upgrade for anyone not running on a very recent edge
> (which isn¹t affected by this). If you have a public Rails site, you MUST
> upgrade to Rails 1.1.5. The security issue is severe and you do not want to be
> caught unpatched.
> The issue is in fact of such a criticality that we¹re not going to dig into
> the specifics. No need to arm would-be assalients.

I'm not really a fan of the fearful release note as seen above. I know some
Philly on Rails people live on edge. Anyone want to go in to detail on what
was actually broken? And how it was fixed?

~ Mike
Work: http://ClickableBliss.com
Play: http://MikeZornek.com

talk mailing list