Hi everyone,

Rails 2.3.14 has been released. This release contains critical security fixes.

CHANGES

You can find an exhaustive list of changes on github. Here are some notable excerpts:

4 Security Fixes

• Response Splitting
• SQL Injection issues
• Parse error in strip_tags
• UTF-8 escaping vulnerability

Please follow the links to see specific information about each vulnerability, along with individual patches for fixing them.

Also remember to subscribe to the Ruby on Rails Security mailing list.

2 Bug Fixes

• Rescue from RDoc task errors
• OrderedHash can merge with blocks

THE END

Thanks! <3