This upstream patch fixes this bug: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=23652
Unfortunately, hunk #14 fails to apply to Hardy's Ruby source. It looks like the BigDecimal_to_f function has been rewritten since Hardy's version of Ruby (1.8.6.111).

** Bug watch added: Debian Bug tracker #532689
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532689

** Also affects: ruby1.8 (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532689
   Importance: Unknown
   Status: Unknown

--
DoS vulnerability in BigDecimal Ruby Library
https://bugs.launchpad.net/bugs/385436
