reassign 401188 ruby1.8 tags 401188 + security thanks On 04/12/06 at 17:03 +0100, Benjamin Alterauge wrote: > Another vulnerability has been discovered in the CGI library (cgi.rb) > that ships with Ruby which could be used by a malicious user to create a > denial of service attack (DoS). > > Please note that the previous patch > (<URL:http://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5-cgi-dos-1.patch>) > does not fix this problem. > > Continue Reading on > http://www.ruby-lang.org/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/
Hi Benjamin, This bug should have been filed against ruby1.8, since ruby is just a dependancy package. There are two issues in this bug report. The only one can only affect sarge, while the second one could affect etch as well as sarge. (not looking into source packages, only version numbers). Also, this is very similar to #398457 (for the first issue). -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
