Late this week, the most recent version of the Rails framework was released.
Specifically, this release covers the following issues:
- Filter Problems on Case Insensitive Filesystems CVE-2011-0449
- Potential SQL Injection with limit() CVE-2011-0448
If you're currently running Rails in any production environment, remember that you can use Bundler to update only the framework and none of the other installed gems.
Simply run:
[cc]
bundle update rails
[/cc]
Done and done.