Could we have a rc3 that includes the Safebuffer fixes (https://github.com/rails/rails/commit/c6503f48bd13c696fcc81f2a4a87b8cd7c009657, https://github.com/rails/rails/commit/185235333c7b345e7cbb6384446c89d8447f5d79) ?
This is really a blocker for us :( On Wed, Jun 8, 2011 at 18:11, Aaron Patterson <[email protected]> wrote: > # Security Issues! > > This release contains fixes for possible XSS problems in your rails > application. It is unlikely that your application is vulnerable, but you > should take precautions by updating your application. > > For more information about the XSS issue that was fixed in this release, > please [read this blog > post](http://weblog.rubyonrails.org/2011/6/8/potential-xss-vulnerability-in-ruby-on-rails-applications). > > ## WELCOME! > > Hi everyone! I've released Rails version 3.1.0.rc2! > > Please download our latest release candidate and give it a whirl! > > Two weeks from today, we'll either release another rc, or release 3.1.0 final > (depending on the reported issues). > > ## CHANGES > > * Fixing Rake 0.9.x integration > * Fixing rubygems deprecation warnings > * Sprockets was updated > > ## MORE IMPORTANT CHANGES > > * Much whitespace was removed > * Many typos were fixed > * Queens English was changed to American English > * Many grammar errors removed > > For an exaustive list of changes, see the [log on > github](https://github.com/rails/rails/compare/v3.1.0.rc1...v3.1.0.rc2). > > -- > Aaron Patterson > http://tenderlovemaking.com/ > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
