clone 487238 -1 reassign -1 ruby1.9 1.9.0.1-1 thanks On 20/06/08 at 22:52 +0900, Daigo Moriwaki wrote: > The upstream has announced multiple vulnerabilities in Ruby. They may lead > to a denial of service (DoS) condition or allow execution of arbitrary code. > * CVE-2008-2662 > * CVE-2008-2663 > * CVE-2008-2725 > * CVE-2008-2726 > * CVE-2008-2727 > * CVE-2008-2728 > * CVE-2008-2664
OK, I think that the current status on this issue is the following: 1.8.7.22-1 (in unstable) apparently fixed the problem. 1.8.7-2 (in testing) is NOT FIXED. Release team, please let the unstable version migrate to testing. 1.8.5-4etch1 (in etch) is still not fixed. I don't think that a patch that only fixes this issue exists. Ruby 1.9: (there wasn't any bug filed, I cloned this one) 1.9.0.2 should be fixed, but that version FTBFS on most arches. (see #488362) -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]