Hello, I was looking to migrate the patch described in this link<https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM> ( https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM) to the rails 2.3 branch, but when doing so realized that it''s already there. I couldn''t find anything about this in the release notes, I was wondering if the link above might be incomplete? If it''s not a mistake, is it possible to add a note about it somewhere? Thanks, Ariel -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/HwOV22gIN_AJ. For more options, visit https://groups.google.com/groups/opt_out.
The original announcement of Rails 3.2.10... was posted on *January 2*. The current version is at 3.2.12. It''s quite possible the 2.3 branch has also advanced. Rick On Sunday, February 24, 2013 9:47:00 AM UTC-5, Ariel Tal wrote:> > Hello, > I was looking to migrate the patch described in this link<https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM> > ( > https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM) > to the rails 2.3 branch, but when doing so realized that it''s already there. > > I couldn''t find anything about this in the release notes, I was wondering > if the link above might be incomplete? If it''s not a mistake, is it > possible to add a note about it somewhere? > > Thanks, > Ariel >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/CtVcaC4ALZYJ. For more options, visit https://groups.google.com/groups/opt_out.
I was looking for something official that would indicate that. Thanks, Ariel On Monday, February 25, 2013 1:34:19 AM UTC+2, Rick wrote:> > The original announcement of Rails 3.2.10... was posted on *January 2*. > The current version is at 3.2.12. It''s quite possible the 2.3 branch has > also advanced. > Rick > > On Sunday, February 24, 2013 9:47:00 AM UTC-5, Ariel Tal wrote: >> >> Hello, >> I was looking to migrate the patch described in this link<https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM> >> ( >> https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM) >> to the rails 2.3 branch, but when doing so realized that it''s already there. >> >> I couldn''t find anything about this in the release notes, I was wondering >> if the link above might be incomplete? If it''s not a mistake, is it >> possible to add a note about it somewhere? >> >> Thanks, >> Ariel >> >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/tCE5PSKhjBgJ. For more options, visit https://groups.google.com/groups/opt_out.
Frederick Cheung
2013-Feb-25 12:43 UTC
Re: Security fix CVE-2012-5664 exists in rails 2.3.15
The change log for rails 2.3.15 ( https://github.com/rails/rails/compare/v2.3.14...v2.3.15) shows that a fix for cve-2012-5664 was in that version Fred On Monday, February 25, 2013 11:54:18 AM UTC, Ariel Tal wrote:> > I was looking for something official that would indicate that. > Thanks, > Ariel > > On Monday, February 25, 2013 1:34:19 AM UTC+2, Rick wrote: >> >> The original announcement of Rails 3.2.10... was posted on *January 2*. >> The current version is at 3.2.12. It''s quite possible the 2.3 branch has >> also advanced. >> Rick >> >> On Sunday, February 24, 2013 9:47:00 AM UTC-5, Ariel Tal wrote: >>> >>> Hello, >>> I was looking to migrate the patch described in this link<https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM> >>> ( >>> https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM) >>> to the rails 2.3 branch, but when doing so realized that it''s already there. >>> >>> I couldn''t find anything about this in the release notes, I was >>> wondering if the link above might be incomplete? If it''s not a mistake, is >>> it possible to add a note about it somewhere? >>> >>> Thanks, >>> Ariel >>> >>-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/HfKSsGwT6-4J. For more options, visit https://groups.google.com/groups/opt_out.
Thank you! Just what I was looking for! On Monday, February 25, 2013 2:43:53 PM UTC+2, Frederick Cheung wrote:> > The change log for rails 2.3.15 ( > https://github.com/rails/rails/compare/v2.3.14...v2.3.15) shows that a > fix for cve-2012-5664 was in that version > > Fred > > On Monday, February 25, 2013 11:54:18 AM UTC, Ariel Tal wrote: >> >> I was looking for something official that would indicate that. >> Thanks, >> Ariel >> >> On Monday, February 25, 2013 1:34:19 AM UTC+2, Rick wrote: >>> >>> The original announcement of Rails 3.2.10... was posted on *January 2*. >>> The current version is at 3.2.12. It''s quite possible the 2.3 branch has >>> also advanced. >>> Rick >>> >>> On Sunday, February 24, 2013 9:47:00 AM UTC-5, Ariel Tal wrote: >>>> >>>> Hello, >>>> I was looking to migrate the patch described in this link<https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM> >>>> ( >>>> https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM) >>>> to the rails 2.3 branch, but when doing so realized that it''s already there. >>>> >>>> I couldn''t find anything about this in the release notes, I was >>>> wondering if the link above might be incomplete? If it''s not a mistake, is >>>> it possible to add a note about it somewhere? >>>> >>>> Thanks, >>>> Ariel >>>> >>>-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/r8V_x6CQH00J. For more options, visit https://groups.google.com/groups/opt_out.
Walter Lee Davis
2013-Feb-25 13:37 UTC
Re: Security fix CVE-2012-5664 exists in rails 2.3.15
Start here: https://groups.google.com/forum/#!forum/rubyonrails-security Walter On Feb 25, 2013, at 6:54 AM, Ariel Tal wrote:> I was looking for something official that would indicate that. > Thanks, > Ariel > > On Monday, February 25, 2013 1:34:19 AM UTC+2, Rick wrote: > The original announcement of Rails 3.2.10... was posted on January 2. The current version is at 3.2.12. It''s quite possible the 2.3 branch has also advanced. > Rick > > On Sunday, February 24, 2013 9:47:00 AM UTC-5, Ariel Tal wrote: > Hello, > I was looking to migrate the patch described in this link (https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM) to the rails 2.3 branch, but when doing so realized that it''s already there. > > I couldn''t find anything about this in the release notes, I was wondering if the link above might be incomplete? If it''s not a mistake, is it possible to add a note about it somewhere? > > Thanks, > Ariel > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/tCE5PSKhjBgJ. > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.