--XsQoSWH+UP9D9v3l
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi everyone,

Rails 2.3.14 has been released.  This release contains critical security fi=
xes.

## CHANGES=20

You can find an exhaustive list of changes on [github](https://github.com/r=
ails/rails/compare/v2.1.12...v2.1.14).  Here are some notable excerpts:=20

### 4 Security Fixes

  * [Response Splitting](http://groups.google.com/group/rubyonrails-securit=
y/browse_thread/thread/6ffc93bde0298768)
  * [SQL Injection issues](http://groups.google.com/group/rubyonrails-secur=
ity/browse_thread/thread/6a1e473744bc389b)
  * [Parse error in `strip_tags`](http://groups.google.com/group/rubyonrail=
s-security/browse_thread/thread/2b9130749b74ea12)
  * [UTF-8 escaping vulnerability](http://groups.google.com/group/rubyonrai=
ls-security/browse_thread/thread/56bffb5923ab1195)

Please follow the links to see specific information about each vulnerabilit=
y, along with individual patches for fixing them.

Also remember to subscribe to the [Ruby on Rails Security mailing list](htt=
p://groups.google.com/group/rubyonrails-security).

### 2 Bug Fixes

  * Rescue from RDoc task errors
  * OrderedHash can merge with blocks

## THE END=20

Thanks! <3=20

--=20
Aaron Patterson
http://tenderlovemaking.com/

--XsQoSWH+UP9D9v3l
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)

iQEcBAEBAgAGBQJOSv4DAAoJEJUxcLy0/6/G1iYIAJsdjfWcgdN6hg5JcG5nKd9C
kdIiHBnMloCSRf94A0PKBP1MT6xW9Fyxt8yMCJiww8kU1eMHoGhcvFLdq838IoRc
Txiu5dz8DagUP99RDkkcu+yDsT1lHLK7AJxwZ6AivZ3DAHTCLCpBk9kLo+w0/Fbw
XyOFFHpUnSiGZt4KIpIx3rcJKH/UKJi/sEwt29uGQmTqphhBPmRhyUIEPNz9Z5HZ
O1/wBVG23t7ef92BaM3YekCfisuKtamZmudndNU3MQi0DJoAreU0okX45FpI5Pxm
JDk+ot354Ntii0OrQ8/maRBJ49QsjbFmIYrTT7bsWwqZPny6lu6tmbATgp1kNpY=
=Z4WX
-----END PGP SIGNATURE-----

--XsQoSWH+UP9D9v3l--