I’ve pushed a 3.1.0.rc4. Please test it against your application against this release candidate and report any regressions to the rails core mailing list. I would like to hear your...
I’ve pushed an rc3. Yes, we skipped one. I screwed up the rc2, so I yanked it, and we’re going straight to rc3. Good thing it’s just a release candidate,...
Hey folks. Sorry for the multiple releases in such a short time span, but the security fixes released yesterday seem to have broken people’s applications. Even though this is a...
Hey folks. Sorry for the multiple releases in such a short time span, but the security fixes released yesterday seem to have broken people’s applications. I am not happy about...
Security Issues! This release contains fixes for possible XSS problems in your rails application. It is unlikely that your application is vulnerable, but you should take precautions by updating your...
Security Issues! This release contains fixes for possible XSS problems in your rails application. It is unlikely that your application is vulnerable, but you should take precautions by updating your...
Hi everyone! I’ve released rails version 2.3.12. Security issues! There are security issues in the rails_xss plugin, and we’ve fixed them with this release. Please make sure to upgrade your...
The XSS prevention support in recent versions Ruby on Rails allows some string operations which, when combined with user supplied data, may leave an ‘unsafe string’ incorrectly considered safe. It...
New Configuration Guide Rails 3.1 will come with a new comprehensive guide about configuring Rails applications written by Ryan Bigg (@ryanbigg). The current draft is already available in the edge...
Hey everybody! I’ve pushed Rails 3.0.8.rc3. Hopefully this release candidate takes care of all the outstanding issues remaining. To see what has changed between 3.0.8.rc2 and 3.0.8.rc3, check out this...