Security fix CVE-2012-5664 exists in rails 2.3.15

The original announcement of Rails 3.2.10… was posted on January 2. The current version is at 3.2.12. It’s quite possible the 2.3 branch has also advanced.
Rick

I was looking for something official that would indicate that.

Thanks,

Ariel

The change log for rails 2.3.15 ( https://github.com/rails/rails/compare/v2.3.14...v2.3.15) shows that a fix for cve-2012-5664 was in that version

Fred

Thank you! Just what I was looking for!

Start here: https://groups.google.com/forum/#!forum/rubyonrails-security

Walter