On Fri, 2010-08-27 at 16:23 -0700, Ware, Ryan R wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > =========================================================================== > == > MeeGo-SA-10:19.ruby Security Advisory > MeeGo > Project > > Topic: Remote Script Injection via Ruby WEBrick > > Category: Scripting > Module: ruby > Announced: August 3, 2010 > Affects: MeeGo 1.0 > Corrected: August 3, 2010 > MeeGo BID: 3357 > CVE: CVE-2010-0541 ... > Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in > Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote > attackers to inject arbitrary web script or HTML via a crafted URI > that triggers a UTF-7 error page.
This affects Mac OS X according to the description. Is it more than that? Why are we incorporating patches that only affect other platforms? Cheers -- Michael Leibowitz <michael.leibow...@intel.com> _______________________________________________ MeeGo-dev mailing list MeeGo-dev@meego.com http://lists.meego.com/listinfo/meego-dev