diff options
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | doc/security.rdoc | 3 |
2 files changed, 7 insertions, 0 deletions
@@ -1,3 +1,7 @@ +Wed Feb 6 13:03:00 2013 Zachary Scott <zachary@zacharyscott.net> + + * doc/security.rdoc: Add link to CVEs on ruby-lang.org/en/security + Wed Feb 6 12:49:00 2013 Zachary Scott <zachary@zacharyscott.net> * NEWS: Add note about removal of CSV::load and CSV::dump from r39077 diff --git a/doc/security.rdoc b/doc/security.rdoc index 566920a5c1..16df93f540 100644 --- a/doc/security.rdoc +++ b/doc/security.rdoc @@ -6,6 +6,9 @@ pitfalls often encountered by newcomers and experienced Rubyists alike. This document aims to discuss many of these pitfalls and provide more secure alternatives where applicable. +Please check the full list of publicly known CVEs and how to correctly report a +security vulnerability, at: http://www.ruby-lang.org/en/security/ + == <code>$SAFE</code> Ruby provides a mechanism to restrict what operations can be performed by Ruby |