Rails 4.2.0.beta4/3.2.20/4.0.11/4.1.7 ·¢²¼£¬
Rails 4.2.0.beta4 ·¢²¼£¬´Ë°æ±¾°üÀ¨ÁË Rails 4.2.0.beta3 µÄ°²È«ÐÞ¸´£¬Í¬Ê±»¹°üÀ¨´óÁ¿µÄ Rails 4.2.0beta2 ·¢ÏÖµÄ bug ÐÞ¸´¡£
Rails 3.2.20, 4.0.11, 4.1.7 ºÍ 4.2.0.beta3 ·¢²¼£¬´Ë°æ±¾°üÀ¨Ò»¸ö°²È«ÐÞ¸´£¬ÈÎÒâÎļþϵͳÉÏÎļþµÄ´æÔÚ¶¼¿ÉÄܻᱻй©£¬µ«ÊÇÎļþÄÚÈݲ»»á±»Ð¹Â©¡£´ËÎÊÌâͨ³£Ö»Ó°ÏìʹÓà Rails À´·þÎñ¾²Ì¬×ʲúµÄÓû§£¬²»»áÓ°ÏìʹÓÃÒ»¸ö´úÀíÀ´·þÎñ¾²Ì¬×ʲúµÄÓû§¡£¸ü¶àÄÚÈÝÇë¿´ here (CVE-2014-7818) »òÕß here (CVE-2014-7819)¡£
ÕâЩ°æ±¾µÄΨһ¸Ä½ø¾ÍÊÇÐÞ¸´ÁËÕâ¸ö°²È«Â©¶´¡£
Èí¼þÏêÇ飺https://groups.google.com/forum/#%21topic/rubyonrails-security/dCp7duBiQgo
ÏÂÔصØÖ·£ºhttp://rubyonrails.org/download/
À´×Ô:¿ªÔ´ÖйúÉçÇø
