On 05/03/08 at 15:15 +0100, Thijs Kinkhorst wrote: > On Wednesday 5 March 2008 13:59, Daigo Moriwaki wrote: > > WEBrick, a standard library of Ruby to implement HTTP servers, has file > > access vulnerability[1]. Attackers may access private files. The fixed > > versions have been released by the upstream. > > Hi, > > I read on [1] the following: > > | Affected systems are: > | > | 1. Systems that accept backslash (\) as a path separator, such as Windows. > | 2. Systems that use case insensitive filesystems such as NTFS on Windows, > | HFS on Mac OS X. > > I'm marking these issues as not-vulnerable in Debian according to this > information.
OK, so no need to prepare updates for other versions of ruby. I'm closing the bug in ruby1.9. -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F |
signature.asc
Description: Digital signature