[前][次][番号順一覧][スレッド一覧]

ruby:1382

From: (SugHimsi==SUGIHARA Hiroshi) <maili31s@c...>
Date: Fri, 03 Nov 2006 21:36:17 +0900
Subject: [ruby:1382] Re: DoS脆弱性のニュースの英語版

すぎむし。

On Fri, 03 Nov 2006 14:15 JST, M.Suzuki wrote:

すばやい対処ごくろうさまです。が、一箇所「、」が残っていました。

遅いですが、自分ならこのように(だいぶ言い換えてますが)。

= On DoS vulonerability in ruby's CGI library

A recently found vulnerability CVE-... has been on public;
ruby's standard CGI library cgi.rb might cause DoS (Denial of
Service) state on the CGI service concerened, without great
difficulty.

Following workaround is available for affected cgi.rb users.

== Versions concerned

: 1.8 series
  All versions before 1.8.5.

: 1.9 series (development branch)
  All versions before 2006-09-23.

== Best action

Update ruby.

: For 1.8 series: 

Apply this patch [link] to ruby 1.8.5 (upgrade ruby if needed).
Its size is 367 bytes, and md5sum is 9d...

Probably the venders who are packaging ruby will undertake
measures against the vulnerability along this way.
For details / updated packages, please contact to each vendor.

: For 1.9 series (development branch): 

Update to the version later than 2006-09-23.

-- 
SugHimsi == SUGIHARA Hiroshi
maili31s at CLIO-Net


--
ML: ruby@m...
使い方: http://QuickML.com/

[前][次][番号順一覧][スレッド一覧]

      1378 2006-11-03 04:39 [maki@r...           ] DoS脆弱性のニュースの英語版             
      1379 2006-11-03 06:14 ┗[suzk@o...           ]                                       
      1380 2006-11-03 08:18  ┣[maki@r...           ]                                     
->    1382 2006-11-03 13:36  ┗[maili31s@c...       ]                                     
      1383 2006-11-04 19:49   ┗[maki@r...           ]                                   
      1384 2006-11-05 14:28    ┗[bsdmad@g...         ]                                 
      1385 2006-11-05 17:04     ┗[maki@r...           ]