Report from Josh Susser:
There have been several vulnerabilities in Rails reported recently. You can check out the announcements on the google group:
The fixes are generally to upgrade to 3.0.4 or 2.3.11. There are patches for many versions if you’re stuck and can’t upgrade.
If you’re not on the google group, you probably should be. It’s very low volume, and everything on it is critical information.
Ask for Help
- “Any suggestions for testing an Authorize.net integration?”
VCR is a good option, assuming you can get VCR to notice the initial requests.
“Running Jasmine with Selenium results in occasional port fail. Is the best solution to
sleepmore before setting up connections?”
“Devise seems to have the tools to set up an oauth provider. Are there any gems that pull everything together?”