Published at DZone with permission of its author, Eric Genesky.
The official Ruby on Rails blog recently announced
the release of two "extremely critical security fixes" for a major security flaw. In response, Heroku also released a how-to for upgrading Heroku
apps that run on Rails. The Heroku team warns that "If you do not upgrade, an attacker can trivially gain access to your application, its data, and run arbitrary code or commands."
You can check out both posts by below.Heroku Blog - Rails Security Vulnerability Ruby on Rails Blog - Rails 3.2.11, 3.1.10, 3.0.19, and 2.3.15 Have Been Released!
(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)