ZFGC
ZFGC.com => Feedback => Topic started by: BuffaloBurgers on January 11, 2013, 06:00:21 am
-
http://arstechnica.com/security/2013/01/extremely-crtical-ruby-on-rails-bug-threatens-more-than-200000-sites/
I know the original new site plans were heavy with Ruby on Rails to power it. How much of that has survived with the administration changes I'm not sure but this is mostly a warning to let the Ruby devs take care of business before rolling anything out
-
Thank you very much for the advice, fortunately we have ditched the RoR code altogether, so this won't be a problem :).
-
Thanks.
-
Now worries here for now, the RoR code was scrapped.
-
Its honestly only affecting the XML parser, which is disabled by default. And then the patch itself is relatively small. Just saying.
Also lol @ RoR code being scrapped.
EDIT: https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
Here are the patches if anyone wants them. They're fairly small & easy to apply.