I will update the article with what you said here. On Thursday, January 3, 2013 7:21:45 PM UTC+1, Michael Koziarski wrote: > > > On Friday, 4 January 2013 at 2:16 AM, Hongli Lai wrote: > > This article explains how the vulnerability works, how it is triggered and > what the facts are: > http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/ > > > Please don't give people misleading advice Hongli, when we told people > they should upgrade immediately we meant it. It *is* exploitable under > some circumstances, so people should be upgrading immediately to avoid the > risk. > > > >
-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-core/-/KqATjVQewDQJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en.
