In a former blog-post, the rails maintainer stated, that after the release of 4.0 only 3.2 will get maintenance.
I wonder:
When you check out Versions of Rubyonrails Ruby On Rails : Versions and number of related security vulnerabilities, then you will notice that there is no entry for 3.1.12.
Can this version be considered “secure”? Or are the vulnerabilities no longer tested against this specific version?
Maybe someone can give a little insight, how the vulnerabilities are tested against all (?) releases for rails.
For example new XSS vulnerabilities are being checked against 0.X - 4.X releases - as it seems, based on the CVE reports.
Thanks for your insights & help,
Kind regards,
René