Rails 2.3.14 has been released. This release contains critical security fixes.
You can find an exhaustive list of changes on [github](https://github.com/rails/rails/compare/v2.1.12...v2.1.14). Here are some notable excerpts:
### 4 Security Fixes
* [Response Splitting](http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6ffc93bde0298768)
* [SQL Injection issues](http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6a1e473744bc389b)
* [Parse error in `strip_tags`](http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b9130749b74ea12)
* [UTF-8 escaping vulnerability](http://groups.google.com/group/rubyonrails-security/browse_thread/thread/56bffb5923ab1195)
Please follow the links to see specific information about each vulnerability, along with individual patches for fixing them.
Also remember to subscribe to the [Ruby on Rails Security mailing list](http://groups.google.com/group/rubyonrails-security).
### 2 Bug Fixes
* Rescue from RDoc task errors
* OrderedHash can merge with blocks
## THE END