Kent, We're working on it. 1.1.6 should fix it I believe. Someone on the core chime in?
Yes, 1.1.6 is not vulnerable as far as we can tell. In future, this list is *not* the place to report vulnerabilities. Perhaps we should have a [EMAIL PROTECTED] which contacts a few of us on the core team. -- Cheers Koz _______________________________________________ Rails-core mailing list Rails-core@lists.rubyonrails.org http://lists.rubyonrails.org/mailman/listinfo/rails-core