[Mongrel] [SEC] Mongrel Temporary Fix For cgi.rb 99% CPU DoS Attack
Zed A. Shaw
zedshaw at zedshaw.com
Thu Oct 26 17:00:17 EDT 2006
On Thu, 26 Oct 2006 10:11:36 -0400
"Ian C. Blenke" <ian at blenke.com> wrote:
> Zed A. Shaw wrote:
> We're using debian ruby 1.8.4-1, apache 2.2.3, mod_proxy_balancer, no
> camping, and mongrel 0.3.13.5 (is this pre-0.3.14?) plus the patch for
> svn rev 356, and ruby cvs cgi.rb rev 1.19. I haven't seen any missing
> file errors in the apache logs since the upgrade from 0.3.13.3.
What's this "patch for svn rev 356" you speak of? Is it something I should include?
Zed A. Shaw, MUDCRAP-CE Master Black Belt Sifu
http://safari.oreilly.com/0321483502 -- The Mongrel Book
http://www.lingr.com/room/3yXhqKbfPy8 -- Come get help.
More information about the Mongrel-users