

Rails Security Vulnerability - DanielRibeiro
http://blog.heroku.com/archives/2013/1/11/rails_security_vulnerability/

======
josephlord
I got an email notification indicating the apps I manage were running on old
Rails which I don't believe they are having updated them today.

When I push to Heroku I get "Using rails 3.2.11" but the email said one app
was on 3.2.1 and the other on 3.2.9. The script they link to says both apps
are up to date too.

So don't panic if you get the email and you know you have already updated.

Edit - False alarms acknowledged by Heroku in blog comment:

 _Dominic - Sorry for the false alarm! We collected data on a lot of apps, and
ended up notifying some users that had already updated. If you already updated
your app, no action is required._

