oss-sec mailing list archives
Re: patch sets for recent ruby vulnerabilities
From: Jamie Strandboge <jamie () canonical com>
Date: Mon, 30 Jun 2008 17:54:49 -0400
----- Forwarded message from Shugo Maeda <security () ruby-lang org> ----- Date: Thu, 26 Jun 2008 12:16:52 +0900 From: Shugo Maeda <security () ruby-lang org> To: Jamie Strandboge <jamie () canonical com> Cc: security () ubuntu com Subject: Re: patch sets for recent ruby vulnerabilities Hello, 2008/6/25 Jamie Strandboge <jamie () canonical com>:
------------------------------------------------------------------------ r17530 | nobu | 2008-06-22 07:16:45 +0900 (Sun, 22 Jun 2008) | 2 lines Changed paths: M /branches/ruby_1_8/ChangeLog M /branches/ruby_1_8/string.c * string.c (str_buf_cat): check for self concatenation.Without having dived into the code yet, is this the fix for the regressions with rails and others?
No, it's not. The following commit may be the cause of the problems with Rails. ------------------------------------------------------------------------ r15856 | matz | 2008-03-30 00:47:54 +0900 (Sun, 30 Mar 2008) | 2 lines Changed paths: M /branches/ruby_1_8/ChangeLog M /branches/ruby_1_8/class.c * class.c (clone_method): should copy cref as well. [ruby-core:15833] -- Shugo Maeda ----- End forwarded message ----- -- Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Attachment:
signature.asc
Description: Digital signature
Current thread:
- Re: patch sets for recent ruby vulnerabilities Jamie Strandboge (Jun 30)
- <Possible follow-ups>
- Re: patch sets for recent ruby vulnerabilities Jamie Strandboge (Jun 30)