[Pdx-pm] Ruby on Rails exploit
Melissa Hollingsworth
melissa at fastanimals.com
Wed Jan 9 09:10:48 PST 2013
On Tue, 08 Jan 2013 20:58:31 -0800, Keith Lofstrom <keithl at gate.kl-ic.com>
wrote:
> Via my ISP:
>
> http://arstechnica.com/security/2013/01/extremely-crtical-ruby-on-rails-bug-threatens-more-than-200000-sites/
> https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
>
> I don't run Rails, but a lot of sites do. I wonder if my bank does?
This alert has been all over the place. The fix is simple:
upgrade to the latest Rails. :) The problem is only potentially
widespread because so many people never bothered to do that.
--
Melissa Hollingsworth
melissa at fastanimals.com
+1 512 619 1237
More information about the Pdx-pm-list
mailing list