Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 13 Sep 2008 20:20:52 +0200
From: Robert Buchholz <>
Subject: CVE request: Ruby on Rails <2.1.1 :limit and :offset SQL injection


Ruby 2.1.1 has been released, fixing sanitation in the :limit 
and :offset parameters to SQL queries.


[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ