The change log for rails 2.3.15 ( https://github.com/rails/rails/compare/v2.3.14...v2.3.15) shows that a fix for cve-2012-5664 was in that version
Fred On Monday, February 25, 2013 11:54:18 AM UTC, Ariel Tal wrote: > > I was looking for something official that would indicate that. > Thanks, > Ariel > > On Monday, February 25, 2013 1:34:19 AM UTC+2, Rick wrote: >> >> The original announcement of Rails 3.2.10... was posted on *January 2*. >> The current version is at 3.2.12. It's quite possible the 2.3 branch has >> also advanced. >> Rick >> >> On Sunday, February 24, 2013 9:47:00 AM UTC-5, Ariel Tal wrote: >>> >>> Hello, >>> I was looking to migrate the patch described in this >>> link<https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM> >>> ( >>> https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM) >>> >>> to the rails 2.3 branch, but when doing so realized that it's already there. >>> >>> I couldn't find anything about this in the release notes, I was >>> wondering if the link above might be incomplete? If it's not a mistake, is >>> it possible to add a note about it somewhere? >>> >>> Thanks, >>> Ariel >>> >> -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/HfKSsGwT6-4J. For more options, visit https://groups.google.com/groups/opt_out.
