Brian McCallister on 9 Aug 2006 19:09:30 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PhillyOnRails] Any news on whats what with 1.1.5?

I'm sure they eval input somewhere...


On Aug 9, 2006, at 11:55 AM, Mike Zornek wrote: security-patch-

This is a MANDATORY upgrade for anyone not running on a very recent edge
(which isn’t affected by this). If you have a public Rails site, you MUST
upgrade to Rails 1.1.5. The security issue is severe and you do not want to be
caught unpatched.

The issue is in fact of such a criticality that we’re not going to dig into
the specifics. No need to arm would-be assalients.

I'm not really a fan of the fearful release note as seen above. I know some
Philly on Rails people live on edge. Anyone want to go in to detail on what
was actually broken? And how it was fixed?

~ Mike

_______________________________________________ talk mailing list

_______________________________________________ talk mailing list