Package: ruby1.8
Version: 1.8.5-4etch2
Severity: grave
Tags: security
Justification: user security hole
The rexml lib is vulnerable to a DoS attack.
Please see
http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/.
I know there isn't an official patch yet (except the
On Wednesday 27 August 2008 17:56, Frank Louwers wrote:
The rexml lib is vulnerable to a DoS attack.
Please see
http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/.
This is CVE-2008-3790. Please mention it in the package changelog on uploads.
Thijs
pgpzxooaDe7u4.pgp
2 matches
Mail list logo
