Ruby on Rails patches more SQL injection holes
From http://h-online.com/-1617650
Quote:
Further security problems have been found in the Ruby on Rails web framework following the release of updates that addressed two critical vulnerabilities less than two weeks ago. The new security holes are in the same areas of the framework's database layer Active Record and in its query generation. The vulnerabilities could allow hackers to, for example, access confidential data from the database tables without authorisation.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|