Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Rails noob here... with this and the other vulnerability from a few days ago, do all you need to do is update your rails gem to become safe?

Current version at time of my post is 3.2.11, if I'm using that am I safe or do I need to perform additional steps?



That is correct. The latest 3.1.10, or latest 3.2 series have this update. See the top of the linked notice:

Versions Affected: ALL versions Not affected: NONE Fixed Versions: 3.2.11, 3.1.10, 3.0.19, 2.3.15


That's exactly what you need to do. You're safe.


if you have any production using rails version < 3.2.11 then upgrade to 3.2.11. You should not have to do anything else than upgrading.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: