Ruby on Rails Receives Updated Patch for SQL Injection Vulnerabilities
The Rails Dev. Team has announced the release versions, 3.2.19, 4.0.7 and 4.1.3 of the framework and is recommending that RonR developers upgrade their sites just as soon as possible. It wasn’t but a few hours later where the same Dev. Team made a second announcement of the release of versions 4.0.8 and 4.1.4 designed to fix a regression caused by the 4.0.7 and 4.1.3 updates, one of two SQL injection vulnerabilities affects applications running on Rails 2.0.0 to 3.2.18 which use the PostgreSQL database system and query bit string data types with the second vulnerability affecting those apps running on RonR 4.0.0 to 4.1.2 when using PostgreSQL and querying range data types. Continue reading this story here.