Ruby On Rails SQL Injection Flaw Has Serious Real-Life Consequences

This was reposted from http://rss.slashdot.org/~r/Slashdot/slashdot/~3/4jJjYcqA-4M/story01.htm written by Unknown Lamer. They get all the credit for this, not me.

vikingpower writes “As a previous Slashdot story already reported, Ruby on Rails was recently reported to suffer from a major SQL injection flaw. This has prompted the Dutch government to take the one and only national site for citizens’ digital identification offline (link in Dutch, Google translation to English). Here is the English-language placeholder page for the now-offline site. This means that 16 million Dutch citizens cannot authenticate themselves anymore with government instances, and that those same government instances can not communicate anything to those same citizens anymore.” Fixes were released, so it looks like it’s on their sysadmin team now.

Additional reading can be found at the original author’s post.