Hi everyone! Rails 5.2.4.3 and 6.0.3.1 have been released! These releases contain important security fixes, so please upgrade when you can. Both releases contain the following fixes: [CVE-2020-8162] Circumvention of file size limits in ActiveStorage [CVE-2020-8164] Possible Strong Parameters Bypass in ActionPack [CVE-2020-8165] Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore [CVE-2020-8166] Ability to forge per-form CSRF tokens given a global CSRF token [CVE-2020-8167] CSRF Vulnerability in rails-ujs
Rails 5.2.4.3 and 6.0.3.1 are now available.
ping
cleanup done.
(In reply to Hans de Graaff from comment #3) > cleanup done. Thank you. All done!