AOH :: HP Unsorted R :: B06-4186.HTM

Ruby on Rails 1.1.x security advisory
Security Vulnerability in Ruby on Rails 1.1.x
Security Vulnerability in Ruby on Rails 1.1.x

Product:   Ruby on Rails
Affected: 1.1.0, 1.1.1, 1.1.2, 1.1.4, 1.1.5

Problem Description

Scott Barron and Tobias Luetke, of the Ruby on Rails Core Team, discovered a fault with the dependency resolution mechanism which can, when exploited by a remote attacker, leave a system vulnerable to denial of service attacks, or even data loss.

All users of affected releases are advised to upgrade, or apply the relevant patches immediately.



1.1.5 users should upgrade to 1.1.6.

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH
We do not send spam. If you have received spam bearing an email address, please forward it with full headers to