http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467 http://www.ruby-lang.org/ja/news/2006/11/02/CVE-2006-5467/ (Japanese) According these URL, Ruby cgi.rb library has DoS vulnerability. Fix: You can find a patch for this vulnerability as following URL: http://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5-cgi-dos-1.patch
State Changed From-To: open->feedback Which port is this about?
Oh, sorry. Probably following ports have this vulnerability. ruby16/ ruby16_static/ ruby18/ ruby18_static/ 2006/11/4, Edwin Groothuis <edwin@freebsd.org>: > Synopsis: Ruby cgi.rb library has DoS vulnerability > > State-Changed-From-To: open->feedback > State-Changed-By: edwin > State-Changed-When: Fri Nov 3 22:18:40 UTC 2006 > State-Changed-Why: > Which port is this about? > > http://www.freebsd.org/cgi/query-pr.cgi?pr=105113 > -- UEDA "BSD mad" Hiroyuki <bsdmad@gmail.com>
Responsible Changed From-To: freebsd-ports-bugs->stas I'll take it.
stas 2006-11-04 10:04:11 UTC FreeBSD ports repository Modified files: lang/ruby18 Makefile Added files: lang/ruby18/files patch-lib_cgi.rb Log: - Add a workaround for the recently disclosed DoS vulnerability in the cgi.rb ruby18 module - Bump portrevision PR: ports/105113 Submitted by: UEDA Hiroyuki <BSDmad@gmail.com> Revision Changes Path 1.118 +1 -1 ports/lang/ruby18/Makefile 1.1 +11 -0 ports/lang/ruby18/files/patch-lib_cgi.rb (new) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: feedback->closed Committed. Thanks!