Do you mean 1.1.6?? http://weblog.rubyonrails.org/2006/8/10/rails-1-1-6-backports-and-full-disclosure
On 8/10/06, Kent Sibilev <[EMAIL PROTECTED]> wrote:
Hi,I think there is still a major vulnerability exists in the latest Rails 1.1.5.The problem is in the routing.rb file and safe_load_paths method
Kent,
We're working on it. 1.1.6 should fix it I believe. Someone on the
core chime in?
Yes, 1.1.6 is not vulnerable as far as we can tell. In future, this
list is *not* the place to report vulnerabilities. Perhaps we should
have a [EMAIL PROTECTED] which contacts a few of us on the core
te
Kent,
We're working on it. 1.1.6 should fix it I believe. Someone on the
core chime in?
Kev
On 8/10/06, Kent Sibilev <[EMAIL PROTECTED]> wrote:
Hi,
I think there is still a major vulnerability exists in the latest Rails 1.1.5.
The problem is in the routing.rb file and safe_load_paths method.
B
