I was surprised as well. The previous security issue in August 2011 that affected 2.3 received a fix and a new release. I also haven't seen an announcement that that had changed.
That said, I don't blame the core team for wanting to drop Rails 2.3. They are already supporting 3 branches in the 3.x line. On Mar 1, 1:15 pm, "Paul E. G. Lynch" <[email protected]> wrote: > The security fix announcement today sent to the rubyonrails-security > group implied that Rails 2.3 is no longer supported. Is that the > case? Did I miss an announcement somewhere? Is there a list of > supported releases somewhere? (What was I supposed to be paying > attention to?) Thanks, > > --Paul -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
