81: Is This Really a CVE?
Episode 81 · September 28th, 2016 · 27 mins 21 secs
About this Episode
Derek and Sean talk through how to handle a security vulnerability that was reported for Clearance, a user authentication library.
- Cardboard Jankowski
- Prevent password reset token leak via HTTP referer
- The Meta Referrer Tag
- CVE
- Bundler Audit
- Ruby Advisory Database
- Ruby security announcement mailing list
- Destroy All Software
