This is a MANDATORY upgrade for anyone not running on a very recent edge
(which isn’t affected by this). If you have a public Rails site, you MUST
upgrade to Rails 1.1.5. The security issue is severe and you do not want to be
The issue is in fact of such a criticality that we’re not going to dig into
the specifics. No need to arm would-be assalients.
I'm not really a fan of the fearful release note as seen above. I know some
Philly on Rails people live on edge. Anyone want to go in to detail on what