Rails security issue (CVE 2019-5418, 2019-5419, and 2019-5420)

New versions of Rails have been released recently to address several security issues:

• CVE-2019-5418 File Content Disclosure in Action View

• CVE-2019-5419 Denial of Service Vulnerability in Action View

• CVE-2019-5420 Possible Remote Code Execution Exploit in Rails Development Mode (only for 5.2.2.1 and 6.0.0.beta3)

It is highly recommended that you upgrade Rails to the new patched versions: 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2.1, and 6.0.0.beta3

Bitnami is publishing updates which will be available in all formats soon.

For more details about these security issues, please check the information provided in the official Ruby On Rails blog. If you have further questions about Ruby or this security issue, please post to our community forums and we will be happy to help you.