Question about Security and CVE, Rails 3.1.12

In a former
blog-posthttp://weblog.rubyonrails.org/2013/2/24/maintenance-policy-for-ruby-on-rails/,
the rails maintainer stated, that after the release of 4.0 only 3.2 will
get maintenance.

I wonder:

When you check
out
http://www.cvedetails.com/version-list/12043/22568/1/Rubyonrails-Ruby-On-Rails.html,
then you will notice that there is no entry for 3.1.12.
Can this version be considered “secure”? Or are the vulnerabilities no
longer tested against this specific version?

Maybe someone can give a little insight, how the vulnerabilities are
tested
against all (?) releases for rails.
For example new XSS vulnerabilities are being checked against 0.X - 4.X
releases - as it seems, based on the CVE reports.

Thanks for your insights & help,

Kind regards,
René

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs