http://www.yup.com/articles/2006/08/09/upgrade-your-old-rails-installations-now en-us 40 Advanced Web Services <p><img style="float: right; border: 1px dotted #ccc; margin: 4px; padding: 4px;" src="http://static.flickr.com/68/197231052_169578d781_m.jpg"></p> <p>DHH has decreed:</p> <blockquote> <p>This is a MANDATORY upgrade for anyone not running on a very recent edge (which isn’t affected by this). If you have a public Rails site, you MUST upgrade to Rails 1.1.5. The security issue is severe and you do not want to be caught unpatched.</p> <p>The issue is in fact of such a criticality that we’re not going to dig into the specifics. No need to arm would-be assailents.</p> <p>So upgrade today, not tomorrow. We’ve made sure that Rails 1.1.5 is fully drop-in compatible with 1.1.4. It only includes a handful of bug fixes and no new features.</p> </blockquote> <p>So, if this blog goes down in the next few minutes for a nick, that&#8217;s bloody well why.</p> Wed, 09 Aug 2006 18:59:00 -0400 urn:uuid:ac7e52a0-7cbf-4c3c-a2e9-12a7ae4dc997 Daniel Butler http://www.yup.com/articles/2006/08/09/upgrade-your-old-rails-installations-now Ruby on Rails <p>Woohoo! Rails bug makes Slashdot news.</p> <p><a href="http://developers.slashdot.org/article.pl?sid=06/08/10/0213259">http://developers.slashdot.org/article.pl?sid=06/08/10/0213259</a></p> Thu, 10 Aug 2006 14:10:22 -0400 urn:uuid:347dcae5-4723-4e91-9f84-e64830f1cb0c http://www.yup.com/articles/2006/08/09/upgrade-your-old-rails-installations-now#comment-237