[ANN] AR-JDBC 1.3.9 (Active Record SQL Injection Vulnerabilities Affecting PostgreSQL)

Greetings Fellow JRuby-ists …

latest SQL injection vulnearibilities [CVE-2014-3482] [CVE-2014-3483
affects AR-JDBC as well …
details at Rails forum
https://groups.google.com/forum/#!topic/rubyonrails-security/wDxePLJGZdI

If you’re riding JRuby on Rails with PostgreSQL, it’s strongly
recommended
to update to 1.3.9 !

As a reminder AR-JDBC maintains compatibility with all ActiveRecord 3.x
versions, thus you should not be eligible for those PG range / bit
string
injection attacks in any of those versions with JRuby (even if the Rails
team only fixed this in 3.2), since we use the very same code along side
all Rails versions we run with.

Have a cup of green tea on us and enjoy … <3 Team AR-JDBC

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs