Ruby on Rails Receives a SQL Injection Vulnerability Patch
The Ruby on Rails web development framework received some negative press over the two SQL injection vulnerabilities which allowed malicious attackers to insert arbitrary SQL code into queries using specially crafted values. These were of course found, and now patched. The Rails team blog focuses on the security patches which have been introduced as a regression on the PostgreSQL Range feature to which was only introduced to Rails 4.x. Rails with no impact to Ruby on Rails 3.2 users. Continue reading here.