14th June 2012
J65nko
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Ruby on Rails patches more SQL injection holes

From http://h-online.com/-1617650

Quote:
Further security problems have been found in the Ruby on Rails web framework following the release of updates that addressed two critical vulnerabilities less than two weeks ago. The new security holes are in the same areas of the framework's database layer Active Record and in its query generation. The vulnerabilities could allow hackers to, for example, access confidential data from the database tables without authorisation.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump