On Wed, Jan 02, 2013 at 01:28:36PM -0800, Aaron Patterson wrote:
> Rails versions 3.2.10, 3.1.9, and 3.0.18 have been released.  These releases contain an important security fix.  It is recommended that **all users upgrade immediately**.
> 
> The security identifier is CVE-2012-5664, and you can read about the issue [here](add link).

Oops!  Forgot the CVE link:

  https://groups.google.com/group/rubyonrails-security/browse_thread/thread/c2353369fea8c53

Thanks for your patience!

-- 
Aaron Patterson
http://tenderlovemaking.com/