Garbage Burrito

Discuss > Forum: Talk to me Sucka!

Topic

Author

Topic

rheaghen

De-Rails - Major Security Hole

08 10, 2006 @ 05:21AM

Looks like nobodys perfect

http://weblog.rubyonrails.org/2006/8/9/rails-1-1-5-mandatory-security-patch-and-other-tidbits

Comments

Author

Comments

Ben Kittrell

08 10, 2006 @ 06:28AM

Yeah I read that. It's kind of scary. I upgraded immediately, but I was already on 1.1.4.

I know I'm just trying to justify it, but it's good that it happened now. It's kind of an eye opener, and will make the core Rails team, and all Rails developers scrutinize the security stuff a lot more from now on.

As I keep stressing, Rails 1.0 was only release 6 months ago, so you're going to have to expect this kind of thing.

I wonder if a developer found it, or if someone was attacked?

Links

heathbits - heath's portfolio
hoopla - danger's blog

Recommend me on Working With Rails

resume website

portfolio website

Blog Entries

11/24 - Ben Kittrell - My Dream Desk
06/12 - Ben Kittrell - Kitchen Renovation - Round Two
06/12 - Ben Kittrell - New Gig at Secure Passage
12/28 - Ben Kittrell - Lessons learned from the iPhone
12/01 - Ben Kittrell - Doodlekit gets TechCrunched
more...

Blog Comments

11/26 - Timothy - The Forgotten HTML Tags
11/18 - kroppr - JavaScript Image Cropping with jsCropperUI and Rails
11/17 - Jeri Fortelaza - Coders For Obama: Fundraiser
11/11 - Adam Barger - Paypal Website Payments Pro with Ruby on Rails
11/11 - Adam Barger - A Mac-esque Rails Development Environment on Windows
more...

Forum Comments

09/29 - Jesse - Nothing can stop us now
09/23 - Jesse - RE: Java Generics
09/22 - Jesse - RE: JavaScripting with PDF's?
09/21 - rheaghen - RE: JavaScripting with PDF's?
09/10 - Jesse - RE: JavaScripting with PDF's?
more...

Doodlekit

doodlekit - free website builder

Blog Archives

Sash

Topic

De-Rails - Major Security Hole

Comments

powered by : Doodlekit Online Free Website Builder : developed by : Doodlebit™ Website Company