[LRUG] Rails vulnerabilities
Frederick Cheung
frederick.cheung at gmail.com
Wed Dec 4 07:06:10 PST 2013
And watch out if you were doing
number_to_currency something, :unit => '£'
since you now need to mark the unit as html safe
Fred
On 4 Dec 2013, at 15:01, Marc Wickenden <marc at 4armed.com> wrote:
> Just in case anyone didn't catch it, Rails 3.2.16 and 4.0.2 were
> released late yesterday addressing quite a few security issues. May be
> old news for you guys now but you never know.
>
> http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/
>
> Cheers,
>
> Marc
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> http://lists.lrug.org/listinfo.cgi/chat-lrug.org
More information about the Chat
mailing list