Could we have a rc3 that includes the Safebuffer fixes
(https://github.com/rails/rails/commit/c6503f48bd13c696fcc81f2a4a87b8cd7c009657,
https://github.com/rails/rails/commit/185235333c7b345e7cbb6384446c89d8447f5d79)
?
This is really a blocker for us :(
On Wed, Jun 8, 2011 at 18:11, Aaron Patterson
<aaron@tenderlovemaking.com> wrote:> # Security Issues!
>
> This release contains fixes for possible XSS problems in your rails
application. It is unlikely that your application is vulnerable, but you should
take precautions by updating your application.
>
> For more information about the XSS issue that was fixed in this release,
please [read this blog
post](http://weblog.rubyonrails.org/2011/6/8/potential-xss-vulnerability-in-ruby-on-rails-applications).
>
> ## WELCOME!
>
> Hi everyone! I''ve released Rails version 3.1.0.rc2!
>
> Please download our latest release candidate and give it a whirl!
>
> Two weeks from today, we''ll either release another rc, or release
3.1.0 final (depending on the reported issues).
>
> ## CHANGES
>
> * Fixing Rake 0.9.x integration
> * Fixing rubygems deprecation warnings
> * Sprockets was updated
>
> ## MORE IMPORTANT CHANGES
>
> * Much whitespace was removed
> * Many typos were fixed
> * Queens English was changed to American English
> * Many grammar errors removed
>
> For an exaustive list of changes, see the [log on
github](https://github.com/rails/rails/compare/v3.1.0.rc1...v3.1.0.rc2).
>
> --
> Aaron Patterson
> http://tenderlovemaking.com/
>
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Core" group.
To post to this group, send email to rubyonrails-core@googlegroups.com.
To unsubscribe from this group, send email to
rubyonrails-core+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-core?hl=en.