Rails 5.0.0.beta2 等多个版本发布,
jopen 9年前
Rails 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1, and rails-html-sanitizer 1.0.3 发布,有重要安全修复,请尽快更新:
-
CVE-2015-7576 Timing attack vulnerability in basic authentication in Action Controller.
-
CVE-2016-0751 Possible Object Leak and Denial of Service attack in Action Pack
-
CVE-2015-7577 Nested attributes rejection proc bypass in Active Record.
-
CVE-2016-0752 Possible Information Leak Vulnerability in Action View
-
CVE-2016-0753 Possible Input Validation Circumvention in Active Model
-
CVE-2015-7581 Object leak vulnerability for wildcard controller routes in Action Pack
更多内容: