Yes, the second hole is fixed in 1.8.6 but not previous.

On 6/28/07, Zed A. Shaw <[EMAIL PROTECTED]> wrote:
> On Thu, 28 Jun 2007 14:59:58 -0400
> "Evan Weaver" <[EMAIL PROTECTED]> wrote:
>
> > Yeah; I've been waiting for you to drop it since 1.8.6 was released.
> > I'll update the copyright.
>
> Not everyone has 1.8.6 and if that's the case then why are you actually 
> maintaining this and making releases?  If there's new security holes you have 
> fixed in this then are they also fixed in the 1.8.6 release?
>
> --
> Zed A. Shaw
> - Hate: http://savingtheinternetwithhate.com/
> - Good: http://www.zedshaw.com/
> - Evil: http://yearofevil.com/
> _______________________________________________
> Mongrel-users mailing list
> Mongrel-users@rubyforge.org
> http://rubyforge.org/mailman/listinfo/mongrel-users
>


-- 
Evan Weaver
Cloudburst, LLC
_______________________________________________
Mongrel-users mailing list
Mongrel-users@rubyforge.org
http://rubyforge.org/mailman/listinfo/mongrel-users

Reply via email to