Rails 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1, and rails-html-sanitizer 1.0.3 发布，有重要安全修复，请尽快更新：

• CVE-2015-7576 Timing attack vulnerability in basic authentication in Action Controller.

• CVE-2016-0751 Possible Object Leak and Denial of Service attack in Action Pack

• CVE-2015-7577 Nested attributes rejection proc bypass in Active Record.

• CVE-2016-0752 Possible Information Leak Vulnerability in Action View

• CVE-2016-0753 Possible Input Validation Circumvention in Active Model

• CVE-2015-7581 Object leak vulnerability for wildcard controller routes in Action Pack

更多内容：

• Changes in 5.0.0.beta1.1

• Changes in 4.2.5.1

• Changes in 4.1.14.1

• Changes in 3.2.22.1