1. 5
    Multiple vulnerabilities in parameter parsing in Action Pack (Rails) (CVE-2013-0156) ruby security groups.google.com
    jcs avatar via jcs 10 years ago |
    Archive.org Archive.today Ghostarchive
    | 1 comment

Note: this is separate from https://lobste.rs/s/qij18r/sql_injection_vulnerability_in_all_versions_of_ruby_on_rails_activerecord_cve-2012-5664

    1. 1
      jcs avatar jcs 10 years ago | link

      http://rubygems.org was down for a bit this evening, presumably due to all the load from people upgrading their Rails sites. Why isn’t the bundler/gems stuff mirrored across multiple domains/servers/countries for redundancy? With everyone’s Gemfile pointing at rubygems.org by default, surely that site being down delayed some sites in upgrading as soon as they could have otherwise.

Stories with similar links:

  1. SFTPGo: a Golang performance story and some questions via inactive-user 3 years ago | 7 points | no comments
  2. Racket2 possibilities via inactive-user 4 years ago | 20 points | 9 comments
  3. PostScript and Interpress: a comparison (1985) via zge 4 years ago | 4 points | no comments
  4. Origins of the finger command via calvin 5 years ago | 21 points | no comments
  5. The NetHack DevTeam is happy to announce the release of NetHack 3.6.1 via intercal 5 years ago | 21 points | 5 comments
  6. CVE-2017-17482: OpenVMS Security Notice for local privilege escalation via dege 5 years ago | 4 points | no comments
  7. Eve (programming language) is winding down via roryokane 5 years ago | 45 points | 12 comments
  8. Go 1.10 Beta 1 is released via av 5 years ago | 6 points | no comments
  9. Termination of the certificates business of Startcom via calvin 5 years ago | 20 points | 1 comment
  10. A new Common Lisp compiler/interpreter in Prolog via rogersm 5 years ago | 11 points | 2 comments
  11. Faster blame on hg.mozilla.org (2016) via JordiGH 5 years ago | 4 points | no comments
  12. Sequel 5.0.0 Released authored by jeremyevans 6 years ago | 13 points | 1 comment
  13. First Language (1998) via yumaikas 6 years ago | 1 point | no comments
  14. Redis 4.0.0 GA via fs111 6 years ago | 12 points | 1 comment
  15. mblaze 0.1, a Maildir-focused command line mail client via duncaen 6 years ago | 23 points | 1 comment
  16. Concerns about Kubernetes Community newcomers via devth 6 years ago | 2 points | 1 comment
  17. Shen has been ported to C via bsima 6 years ago | 3 points | no comments
  18. Vitaly Slobodin steps down as PhantomJS maintainer because of headless Chrome via koehr 6 years ago | 3 points | 2 comments
  19. Symantec again caught issuing suspicious certificates, this time for example.com via kb 6 years ago | 15 points | 1 comment
  20. Ansible: New RCs for Security Bug CVE-2016-9587 via ChrisShort 6 years ago | 1 point | no comments
  21. Mercurial 4.0 Sprint Notes via ngoldbaum 6 years ago | 14 points | 3 comments
  22. Apple's response to the WoSign incidents via inactive-user 6 years ago | 17 points | 6 comments
  23. Happy 25th birthday Linux via mjturner 7 years ago | 7 points | 1 comment
  24. Incidents involving the CA WoSign via lattera 7 years ago | 16 points | 2 comments
  25. Vim 8.0 pre-announcement via romanzolotarev 7 years ago | 21 points | 7 comments
  26. Buford v0.7.0 Apple Push Notifications for Go 1.6 and HTTP/2 authored by nathany 7 years ago | 2 points | no comments
  27. Go 1.7 Beta 1 released via inactive-user 7 years ago | 12 points | no comments
  28. Linus hacks fsck to recover deleted files (1993) via pushcx 7 years ago | 2 points | no comments
  29. Alpha release of Servo to be released in June via ane 7 years ago | 29 points | 7 comments
  30. Git integrity via effdee 7 years ago | 28 points | 2 comments
  31. Multiple Ruby on Rails vulnerabilities via jasper 7 years ago | 3 points | 1 comment
  32. Go 1.5.3 is released via luiz 7 years ago | 8 points | no comments
  33. Go 1.6 Beta 1 is released via nathany 7 years ago | 12 points | 2 comments
  34. Phoenix 1.1 Released via bratsche 7 years ago | 19 points | no comments
  35. Go 1.5.2 is released via nathany 7 years ago | 9 points | 5 comments
  36. Standardising racket's threading macros via zem 7 years ago | 6 points | no comments
  37. Password Hashing Competition Winner: Argon2 via jcs 8 years ago | 15 points | no comments
  38. What is a closure? via rubenbarroso 8 years ago | 7 points | no comments
  39. Linux futex_wait bug via SeanTAllen 8 years ago | 12 points | no comments
  40. JMH vs Caliper reference thread (JVM micro-benchmarking) via tobym 8 years ago | 4 points | no comments
  41. [release] Redis 3.0.0 is out. via joshuacc 8 years ago | 10 points | 3 comments
  42. Golang team is discussing a builtin solution for dependency management via kb 8 years ago | 23 points | 16 comments
  43. The RabbitMQ Team is Hiring - Remote Workers Accepted via old_sound 8 years ago | 2 points | no comments
  44. Go 1.4.1 Released via mreedell 8 years ago | 8 points | no comments
  45. comment on adding conditionals to configuration languages via stuntgoat 8 years ago | 1 point | no comments
  46. Choosing hardware to minimize latency via tobym 8 years ago | 3 points | no comments
  47. Rack, Change of Maintainer & Status via pushcx 9 years ago | 1 point | no comments
  48. Play 2.3.0 Is Released via kellogh 9 years ago | 1 point | no comments
  49. goroutines management via pyk 9 years ago | 1 point | no comments
  50. Rails Directory Traversal Vulnerability With Certain Route Configurations (CVE-2014-0130) via jcs 9 years ago | 1 point | no comments
  51. Proposal to remove StartCom from Mozilla CA truststore via hdevalence 9 years ago | 8 points | no comments
  52. A Simple Run Time Comparison Of AWKs Running A Genetic Algorithm via kmatt 9 years ago | 4 points | no comments
  53. Dotty open-sourced, research platform for new language concepts and compiler technologies for Scala via tobym 9 years ago | 9 points | 1 comment
  54. RubySec Summary of CVE-2013-6393 aka "you're probably vulnerable" via jcs 9 years ago | 3 points | no comments
  55. GHC (the standard Haskell compiler) gets first class iOS support via rbxbx 10 years ago | 5 points | no comments
  56. Play Framework - async by default via tobym 10 years ago | 2 points | no comments
  57. golang-weekly issue #4 via nilmethod 11 years ago | 3 points | no comments
  58. Android 4.1 source code released via lynge 11 years ago | 4 points | 2 comments