From the official Ruby on Rails forum:
I'd like to announce that 3.2.11, 3.1.10, 3.0.19, and 2.3.15 have been
released. These releases contain two **extremely critical security
fixes** so please update **IMMEDIATELY**.
You can read about the security fixes by following these links:
* [CVE-2013-0155](https://groups.google.com/group/rubyonrails-securi...)
* [CVE-2013-0156](https://groups.google.com/group/rubyonrails-securi...)
For more, see http://www.ruby-forum.com/topic/4409650
Again: please upgrade as Shopify customers are put at risk by this vulnerability.
In the meantime, we’re looking into easy ways of allowing apps to refresh their secrets/tokens while allowing silent-reinstalls.
... View more