Last active
August 29, 2015 14:23
-
-
Save boffbowsh/073d4f36f8677304fa9f to your computer and use it in GitHub Desktop.
curl / wget this (retaining the name) into `config/initializers` to fix the CVE-2015-3226 vulnerability in Rails 3.2.22 apps
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
raise "Check monkey patch for CVE-2015-3226 is still needed" unless Rails::VERSION::STRING == '3.2.22' | |
module ActiveSupport | |
module JSON | |
module Encoding | |
private | |
class EscapedString | |
def to_s | |
self | |
end | |
end | |
end | |
end | |
end |
tijmenb
commented
Jun 17, 2015
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment