[Pdx-pm] Ruby on Rails exploit

Melissa Hollingsworth melissa at fastanimals.com
Wed Jan 9 09:10:48 PST 2013

On Tue, 08 Jan 2013 20:58:31 -0800, Keith Lofstrom <keithl at gate.kl-ic.com>  

> Via my ISP:
> http://arstechnica.com/security/2013/01/extremely-crtical-ruby-on-rails-bug-threatens-more-than-200000-sites/
> https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
> I don't run Rails, but a lot of sites do.  I wonder if my bank does?

This alert has been all over the place.  The fix is simple:
upgrade to the latest Rails. :)  The problem is only potentially
widespread because so many people never bothered to do that.

Melissa Hollingsworth
melissa at fastanimals.com
+1 512 619 1237

More information about the Pdx-pm-list mailing list