Rails 2.3.14

Hi everyone,

Rails 2.3.14 has been released. This release contains critical security fixes.

## CHANGES

You can find an exhaustive list of changes on [github](https://github.com/rails/rails/compare/v2.1.12...v2.1.14). Here are some notable excerpts:

### 4 Security Fixes

  * [Response Splitting](http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6ffc93bde0298768)   * [SQL Injection issues](http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6a1e473744bc389b)   * [Parse error in `strip_tags`](http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b9130749b74ea12)   * [UTF-8 escaping vulnerability](http://groups.google.com/group/rubyonrails-security/browse_thread/thread/56bffb5923ab1195)

Please follow the links to see specific information about each vulnerability, along with individual patches for fixing them.

Also remember to subscribe to the [Ruby on Rails Security mailing list](http://groups.google.com/group/rubyonrails-security).

### 2 Bug Fixes

  * Rescue from RDoc task errors   * OrderedHash can merge with blocks

## THE END

Thanks! <3

The changelog link is here: https://github.com/rails/rails/compare/v2.3.12…v2.3.14. Just got the minor number wrong, which is a minor problem.

Thanks again for your fabulous work Aaron!

The changelog link is here: Comparing v2.3.12...v2.3.14 · rails/rails · GitHub (https://github.com/rails/rails/compare/v2.1.12...v2.1.14). Just got the minor number wrong, which is a minor problem.

Doh! Thanks for letting me know. I'll update the blog post.

Thanks again for your fabulous work Aaron!

No problem. Thanks for the hard work you do as well.