Address CVE-2016-2098 and CVE-2016-2097 - Githubissues

boxen / boxen-web

Automate your team's Boxen installations.

http://boxen.github.com

MIT License

208 stars 111 forks source link

Address CVE-2016-2098 and CVE-2016-2097 #90

Closed jacobbednarz closed 8 years ago

jacobbednarz commented 8 years ago

Updates to Rails 3.2.22.2 in order to address two CVE's:

CVE-2016-2097: Possible Information Leak Vulnerability in Action View
CVE-2016-2098: Possible remote code execution vulnerability in Action Pack

cc @mikemcquaid