Rails: Vulnerability on REXML

Filed Under (Rails, Ruby, Security) by Leonardo Borges on 24-08-2008


REXML, the XML library used by many Ruby apps, including Rails, has a vulnerability that requires an immediate patch on whatever Rails version you're using.

Details and instructions are on the official Rails weblog, here.

But basically, this is what you need to do:

gem install rexml-expansion-fix

Then, require rexml-expansion-fix in your Rails app's environment.rb file.
