CVE-2012-2695 and CVE-2012-5664

A patched version of rails: https://github.com/drasch/rails/tree/2-2-stable

monkey patch for rails 2.2 for CVE-2012-2695: https://gist.github.com/4440606 

monkey patch for rails 2.2 (no modifications necessary from 2.3 version) https://gist.github.com/2921706