ah, excellent, thanks for pointing me there. Not sure why I didn't check there first!
And in terms of them being bugs vs vulnerabilities, well, I'm biased :) They have CVE's, which will get them on our site (osvdb) -- which is 'vulnerable' to these problems! Ironic, and hence my concern. > I still think those are not vulnerabilities but bugs, anyway... > > http://weblog.rubyonrails.com/2008/6/21/multiple-ruby-security-vulnerabilities > > More important: read the comments, are more valuable than the blog post > itself. > > Regards, > -- > Luis Lavena > AREA 17 _______________________________________________ Mongrel-users mailing list Mongrel-users@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-users
