2016-1-26 23:12| 发布者: joejoe0332| 查看: 1016| 评论: 0|原作者: oschina|来自: oschina
Rails 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1, and rails-html-sanitizer 1.0.3 发布,有重要安全修复,请尽快更新:
CVE-2015-7576 Timing attack vulnerability in basic authentication in Action Controller.
CVE-2016-0751 Possible Object Leak and Denial of Service attack in Action Pack
CVE-2015-7577 Nested attributes rejection proc bypass in Active Record.
CVE-2016-0752 Possible Information Leak Vulnerability in Action View
CVE-2016-0753 Possible Input Validation Circumvention in Active Model
CVE-2015-7581 Object leak vulnerability for wildcard controller routes in Action Pack
更多内容:
Changes in 5.0.0.beta1.1
Changes in 4.2.5.1
Changes in 4.1.14.1
Changes in 3.2.22.1
: 看着牙疼!
关于LUPA|人才芯片工程|人才招聘|LUPA认证|LUPA教育|LUPA开源社区 ( 浙B2-20090187 浙公网安备 33010602006705号 )
