|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PhillyOnRails] Any news on whats what with 1.1.5?
|
I'm sure they eval input somewhere...
-Brian
On Aug 9, 2006, at 11:55 AM, Mike Zornek wrote:
http://weblog.rubyonrails.com/2006/8/9/rails-1-1-5-mandatory-
security-patch-
and-other-tidbits
This is a MANDATORY upgrade for anyone not running on a very
recent edge
(which isn’t affected by this). If you have a public Rails site,
you MUST
upgrade to Rails 1.1.5. The security issue is severe and you do
not want to be
caught unpatched.
The issue is in fact of such a criticality that we’re not going to
dig into
the specifics. No need to arm would-be assalients.
I'm not really a fan of the fearful release note as seen above. I
know some
Philly on Rails people live on edge. Anyone want to go in to detail
on what
was actually broken? And how it was fixed?
~ Mike
--
Work: http://ClickableBliss.com
Play: http://MikeZornek.com
_______________________________________________
talk mailing list
talk@phillyonrails.org
http://lists.phillyonrails.org/mailman/listinfo/talk
_______________________________________________
talk mailing list
talk@phillyonrails.org
http://lists.phillyonrails.org/mailman/listinfo/talk
|