Gentoo Linux Security Advisory 200912-2 - Multiple vulnerabilities have been discovered in Rails, the worst of which leading to the execution of arbitrary SQL statements. Versions less than 2.2.2 are affected.
16d8e364cfb92aed20ead8b90f7ddfb138996017dcb068bdfb6e381ed4b6eee8
Debian Security Advisory 1887-1 - Brian Mastenbrook discovered that rails, the MVC ruby based framework geared for web application development, is prone to cross-site scripting attacks via malformed strings in the form helper.
e9db881d48510c6e213b5d71a715500f7af077e97ce065212eede46bfda25193