Forum: Ruby on Rails Rails exploit in multi_xml remote code execution monkeypatch

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
Spaceghost (Guest)
on 2013-01-11 09:48
(Received via mailing list)
Our friend the fowlest of ducks put together a nice monkeypatch for us
require after multi_xml is required.

This affects any rails project, any project using activesupport,

You probably won't need help with applying it, but here's an update on a
proper fix. Should be in by Saturday perhaps.

I'm also going to take this chance to be that guy and say retweet this
you can.

Spaceghost (Guest)
on 2013-01-11 10:51
(Received via mailing list)
After I sobered up, it's actually just anything that ends up using

Sorry for any confusion. :/

This topic is locked and can not be replied to.