[typo] Security fix for rails (routing)
gpsnospam at gmail.com
Wed Jun 28 10:23:36 EDT 2006
A lot of people might have already seen this, but some might not
have. I wonder if this is the cause of some spiking processes that
some people have seen?
> Rails 1.1.3: Security fix and minor fixes
> We’ve found and fixed a security issue with routing that could
> cause excess CPU usage in Rails processes when triggered by certain
> URLs. We strongly encourage anyone running 1.1.x to upgrade to the
> latest version. It’s fully backwards compatible and should serve as
> a small drop-in fix.
> If you’re running the latest Edge Rails, though, there’s no need to
> update. We’ve rewritten the routes functionality on edge and the
> new version doesn’t have this problem.
> To upgrade, you as always can just do: gem install rails --include-
> Note: This release doesn’t include any of the new CRUD/resource-
> based features. All of the new features we’ve been working on over
> the last couple of months will become available in 1.2.0, which is
> scheduled for “soonish”. This 1.1.3 release is purely to address
> the security issue and another few minor fixes that were available
> on the STABLE branch as well.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Typo-list