XSS security patch


Does anyone know how to apply the XSS security patch delivered by the rails community at http://weblog.rubyonrails.org/assets/2009/9/4/2-3-timing-weakness.patch

When i try to click on the link it opens some cryptic page.

Thanks, Pratik

sorry the patch is at http://weblog.rubyonrails.org/assets/2009/9/4/2-3-CVE-2009-3009.patch

Patches aren't formatted for viewing in a browser, the newline characters will render as spaces, this is normal.

You probably want to do something like this:

cd /path/to/ruby/gems wget http://weblog.rubyonrails.org/assets/2009/9/4/2-3-CVE-2009-3009.patch cat 2-3-CVE-2009-3009.patch | patch -p1