oss-sec mailing list archives
Retroactive CVE request for Ruby 1.9.2-p330
From: Tony Arcieri <bascule () gmail com>
Date: Mon, 13 Jul 2015 11:14:01 -0700
Requesting a retroactive CVE for this 2014 issue: https://www.ruby-lang.org/en/news/2014/08/19/ruby-1-9-2-p330-released/ I'd describe it as "Regular expression denial-of-service attack in form component processing" See this GitHub issue for additional discussion: https://github.com/ruby/www.ruby-lang.org/issues/817 -- Tony Arcieri
Current thread:
- Retroactive CVE request for Ruby 1.9.2-p330 Tony Arcieri (Jul 13)
- Re: Retroactive CVE request for Ruby 1.9.2-p330 cve-assign (Jul 13)