87244aa155
This fixes a DNS spoofing vulnerability in Ruby's resolver lib. (CVE-2008-1447) A DoS vulnerability in WEBrick(CVE-2008-3656), problems with Ruby's safelevel implementation (CVE-2008-3655) and a taint check problem in Ruby's dynamic loader (CVE-2008-3657) got fixed as well. This also contains a fix for the REXML DoS issue. (CVE-2008-3790) More information: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ Tested by Jeremy Evans and jcs@. Thanks! |
||
|---|---|---|
| .. | ||
| patch-common_mk | ||
| patch-configure | ||
| patch-lib_fileutils_rb | ||
| patch-lib_rexml_document_rb | ||
| patch-lib_rexml_entity_rb | ||