Ruby on Rails users urged to upgrade to new version to fix major security vulnerability

A new version of the Ruby on Rails scripting language has been released, and developers are urging users to upgrade after the discovery of a major security vulnerability.

Ruby on Rails version 3.2.7 fixes a serious security vulnerability, known as CVE-2012-3424, that allows hackers to launch a denial-of-service attack on web applications that use Ruby on Rails’ digest authentication.

Ruby on Rails, along with PHP, is one of the most popular server-side scripting languages for web applications. It also forms the basis of a number of popular content management systems including Radiant, Refinery, Nesta and Locomotive.

Australian SMEs should check with their IT staff about whether they use any content management systems or web applications based on Ruby on Rails and, if so, whether those systems should be upgraded.
