Debian DSA-3464-1 : rails - security update
Medium Nessus Plugin ID 88499
SynopsisThe remote Debian host is missing a security-related update.
DescriptionMultiple security issues have been discovered in the Ruby on Rails web application development framework, which may result in denial of service, cross-site scripting, information disclosure or bypass of input validation.
SolutionUpgrade the rails packages.
For the stable distribution (jessie), these problems have been fixed in version 2:4.1.8-1+deb8u1.