6:23 Play Subscribe with or Intro song by Falseta

Episode #121 - October 19, 2010

2df14bd29ca441a9d4656f0abae2e0ab.jpg?s=18&r=pg&d=http%3a%2f%2fwww.gravatar.com%2favatar%2f8ebf4339f7c8cd73b53d1d1d3eba7c35 Gregg Pollack 0d2bf6fbf141a1995560fa9273992ff0.jpg?s=18&r=pg&d=http%3a%2f%2fwww.gravatar.com%2favatar%2f8ebf4339f7c8cd73b53d1d1d3eba7c35 Nathaniel Bibler

Phusion Passenger 3.0.0, Rails accepts_nested_attributes_for vulnerability, ARel 2.0, Slim, RFID, Fog, TinyTDS, and more on this episode of Ruby5.

Subscribe to our mailing list!

This episode is sponsored by Top Ruby Jobs. Everyone deserves to love their job (and it's probably in Ruby).

  • Top Ruby Jobs
  • Passenger 3.0.0
  • Rails Vulnerability
  • tag-it
  • Timeliness
  • Slim
  • Tiny TDS
  • Fog
  • ARel 2.0
  • Ruby5

Security Vulnerability in Nested Attributes code in Ruby On Rails 2.3.9 and 3.0.0 Jump to Story

Late last week, a vulnerability was identified in Rails which affects version 2.3.9 and 3.0.0. Specifically, it affects the ActiveRecord accepts_nested_attributes_for call. It allows an attacker to modify the form data transmitted back to your application in a way that may cause corruption or modification of other records in your database. The Rails Core team has released version 2.3.10 and 3.0.1 to fix the problem. You are encouraged to update as soon as is possible, now that this is a known threat.

October 28th, 2014

Speech recognition with pocketsphinx-ruby, a recent update on the chatbot framework Lita, building and distributing OS X applications with ognivo, using Neo4j in rails, and rails rumble is over!

October 24th, 2014

Enforcing your environment with ENVied, easier payment integration with Payola, faster logic with pippi, multithreading in MRI, and Practicing Rails.

October 21st, 2014

Aimee and Nate talk about UltraHook, Using Capybara in Integration Tests, Background Processing with Einhorn, Barcelona Ruby Conf Top 5, and Raptor.

October 16th, 2014

Unary Operators, Writing fast Ruby, each_with_object, ES6 Transpiler and HStore