Rails security updates released: 2.3.18, 3.1.12, 3.2.13
This release includes security updates for three issues:
1. [CVE-2013-1855] XSS vulnerability in sanitize_css in Action Pack [1]
2. [CVE-2013-1856] XML Parsing Vulnerability affecting JRuby users [2]
3. [CVE-2013-1857] XSS Vulnerability in the `sanitize` helper of Ruby on Rails [3]
[1] https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_QHo4BqnN8 [2] https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/KZwsQbYsOiI [3] https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/zAAU7vGTPvI
0 comments
[ 3.6 ms ] story [ 7.1 ms ] threadNo comments yet.