oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Retroactive CVE request for Ruby 1.9.2-p330

From: Tony Arcieri <bascule () gmail com>
Date: Mon, 13 Jul 2015 11:14:01 -0700
Requesting a retroactive CVE for this 2014 issue:

https://www.ruby-lang.org/en/news/2014/08/19/ruby-1-9-2-p330-released/

I'd describe it as "Regular expression denial-of-service attack in form
component processing"

See this GitHub issue for additional discussion:

https://github.com/ruby/www.ruby-lang.org/issues/817

-- 
Tony Arcieri
Previous By Date Next
Previous By Thread Next

Current thread: