« Securityfocus interview with Mozilla security team | Main | Tools: Microsoft Announces Three Tools to help prevent SQL Injection »

Ruby creators warn of serious flaws

"The Ruby programming language, which has become popular as the basis for web 2.0 sites such as Twitter, contains serious security flaws that could allow attackers to take over an organization's web server, according to the Ruby development team.

The "disturbing" flaws, which were disclosed on Friday, could affect nearly any typical Ruby-based web application, according to Thomas Ptacek, founder of security firm Matasano.

The five bugs affect Ruby version 1.8 up to 1.8.7-p21 and version 1.9 up to 1.9.0-1, according to the Ruby development team.

Users can remedy the problem by upgrading to a patched version of Ruby, developers said, with patches available on the Ruby language site. "

Ruby Website: http://www.ruby-lang.org/en/
Article Link: http://www.itworld.com/development/53286/ruby-creators-warn-serious-flaws


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!