Rails 2.3.14 has been released. This release contains critical security fixes.
You can find an exhaustive list of changes on github. Here are some notable excerpts:
4 Security Fixes
Please follow the links to see specific information about each vulnerability, along with individual patches for fixing them.
Also remember to subscribe to the Ruby on Rails Security mailing list.
2 Bug Fixes
- Rescue from RDoc task errors
- OrderedHash can merge with blocks