Good news everyone! Rails version 3.0.14 has been released.
This release of Rails contains two important security fixes:
* [CVE-2012-2694 Ruby on Rails Unsafe Query Generation Risk in Ruby on Rails](https://groups.google.com/group/rubyonrails-security/browse_thread/thread/8c82d9df8b401c5e) * [CVE-2012-2695 Ruby on Rails SQL Injection](https://groups.google.com/group/rubyonrails-security/browse_thread/thread/9782f44c4540cf59)
Please note that the last round of security fixes DO NOT cover the situations that these patches fix. Therefore it is suggested that all users upgrade immediately. For more information about these issues, please see the annoumcenents on the [rubyonrails-security mailing list](https://groups.google.com/group/rubyonrails-security).
Other changes for this release can be found in each component's CHANGELOG:
* [Action Mailer](rails/CHANGELOG at 3-0-stable · rails/rails · GitHub) * [Action Pack](rails/CHANGELOG at 3-0-stable · rails/rails · GitHub) * [Active Model](rails/CHANGELOG at 3-0-stable · rails/rails · GitHub) * [Active Record](rails/CHANGELOG at 3-0-stable · rails/rails · GitHub) * [Active Support](rails/CHANGELOG at 3-0-stable · rails/rails · GitHub) * [Railties](rails/CHANGELOG at 3-0-stable · rails/rails · GitHub)
All changes can be found [here](Comparing v3.0.13...v3.0.14 · rails/rails · GitHub).
<3<3<3