Kevin, See the rails security post here with details about getting around this problem. https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
On Wed, Jan 9, 2013 at 5:25 AM, Kevin Triplett <mopacme...@gmail.com> wrote: > Hi Jim, > > What about us poor sods who are running 0.9 and unable to update Radiant? :) > > Kevin > > > On Wednesday, January 9, 2013 4:01:45 AM UTC-6, Jim Gay wrote: >> >> Radiant no longer keeps vendor/rails in the gem. It's loaded by the >> Gemfile. >> >> I've just pushed Radiant 1.1.1 with a dependency on Rails 2.3.15 >> >> Thanks for reporting this! >> >> On Wed, Jan 9, 2013 at 4:28 AM, Toine Diepstraten >> <toine.di...@googlemail.com> wrote: >> > Hi, >> > >> > an important security update for Rails 2.3 was released, read more about >> > it >> > here: >> > >> > >> > http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/ >> > >> > >> > As I understand Radiant uses a vendor Rails 2.3.14 version. How can one >> > update Radiant to use the security fixed Rails 2.3.15 version? >> > >> > Thanks for any suggestions. >> > >> > Best, >> > Toine >> > >> >> >> >> -- >> Write intention revealing code #=> http://www.clean-ruby.com >> >> Jim Gay >> Saturn Flyer LLC >> 571-403-0338 -- Write intention revealing code #=> http://www.clean-ruby.com Jim Gay Saturn Flyer LLC 571-403-0338
