On January 8th, the team behind the Ruby on Rails framework announced critical security vulnerabilities. Ruby on Rails is an open source web development framework which is used by Tableau Server, which is in turn affected by these vulnerabilities. You can read more about these vulnerabilities at http://weblog.rubyonrails.org. The Ruby on Rails team has released corrections to these vulnerabilities, which the Tableau Development team is incorporating into Tableau Server and is expecting to release version 7.0.12 including the Ruby on Rails framework patches by end of day January 15, 2013. Tableau Server version 6.1.12 with only the patches for the Ruby on Rails framework will release within 2 weeks.
Until the new version of Tableau Server releases, we recommend following the steps in the KB article below daily to reduce the impact to your data stored in Tableau Server.
Thank you for your patience while we integrate these patches into the new builds. If you would like to take advantage of the upgrade assistance program to upgrade to 7.0.12, please contact Tableau Technical Support at firstname.lastname@example.org.