Security fix CVE-2012-5664 exists in rails 2.3.15

Hello,
I was looking to migrate the patch described in this
linkhttps://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM
(
https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM)
to the rails 2.3 branch, but when doing so realized that it’s already
there.

I couldn’t find anything about this in the release notes, I was
wondering
if the link above might be incomplete? If it’s not a mistake, is it
possible to add a note about it somewhere?

Thanks,
Ariel

The original announcement of Rails 3.2.10… was posted on January 2.
The current version is at 3.2.12. It’s quite possible the 2.3 branch
has
also advanced.
Rick

I was looking for something official that would indicate that.
Thanks,
Ariel

Thank you! Just what I was looking for!

The change log for rails 2.3.15
( https://github.com/rails/rails/compare/v2.3.14...v2.3.15) shows that a
fix for cve-2012-5664 was in that version

Fred

Start here: https://groups.google.com/forum/#!forum/rubyonrails-security

Walter

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs