Hey all, patched ruby on my development and production environments to 1.8.6-p230 to address these new ruby vulnerabilities:
http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/ mongrel began segfaulting after restarting. Then tried ruby 1.8.7-p22 and upgrading to rails 2.1.0 (from rails 2.0.2), same issue. Had to revert back to the vulnerable GA 1.8.6. Running centos 4, mongrel 1.1.5 (tried 1.1.3, 1.1.4 as well, all same results). Any further info I can provide, I'd be glad to. Dave OSVDB.org _______________________________________________ Mongrel-users mailing list Mongrel-users@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-users
