X

Ruby on Rails creator says install patch, like, now

Martin LaMonica Former Staff writer, CNET News
Martin LaMonica is a senior writer covering green tech and cutting-edge technologies. He joined CNET in 2002 to cover enterprise IT and Web development and was previously executive editor of IT publication InfoWorld.
See full bio
Martin LaMonica

The Ruby on Rails project on Wednesday released Rails 1.1.5, a security upgrade that creator David Heinemeier Hansson said was a mandatory patch that fixes what he called a critical vulnerability.

Ruby on Rails is a Web development framework praised by many developers for its speed.

In a blog posting on Wednesday, Heinemeier Hansson told Ruby on Rail users to install the patch ASAP.

"For the third time: This is not like, 'Sure, I should be flossing my teeth.' This is, 'Yes, I will wear my helmet as I try to go 100 mph on a motorcycle through downtown in rush hour.' It's not a suggestion, it's a prescription. So get to it!" he wrote.

He noted that the issue, which he declined to discuss in detail, only affected Ruby on Rails 1.0 or later.

In other matters, Heinemeier Hansson has started development of a wiki clone called Instiki, designed to be "so pretty and easy to set up, you'll wonder if it's really a wiki." The current version is 0.11.0.