oss-sec mailing list archives
CVE id requests: ruby
From: Steffen Joeris <steffen.joeris () skolelinux de>
Date: Mon, 11 Aug 2008 19:06:10 +1000
Hi It seems that there was another ruby release, which addresses some security fixes. I guess the new ones are: * Several vulnerabilities in safe level * DoS vulnerability in WEBrick * Lack of taintness check in dl I didn't check their exploitability, but it might be good to have CVE ids for them anyway. Upstream page: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ Debian Bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 Cheers Steffen
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE id requests: ruby Steffen Joeris (Aug 11)
- Re: CVE id requests: ruby Steven M. Christey (Aug 12)
- Re: CVE id requests: ruby Steven M. Christey (Aug 14)
- Re: CVE id requests: ruby Steven M. Christey (Aug 12)