[Mongrel] patched ruby seems to break mongrel?

David Shettler dave at opensecurityfoundation.org
Mon Jun 23 10:28:35 EDT 2008


ah, excellent, thanks for pointing me there.  Not sure why I didn't
check there first!

And in terms of them being bugs vs vulnerabilities, well, I'm biased :)

They have CVE's, which will get them on our site (osvdb) -- which is
'vulnerable' to these problems!  Ironic, and hence my concern.

> I still think those are not vulnerabilities but bugs, anyway...
>
> http://weblog.rubyonrails.com/2008/6/21/multiple-ruby-security-vulnerabilities
>
> More important: read the comments, are more valuable than the blog post itself.
>
> Regards,
> --
> Luis Lavena
> AREA 17


More information about the Mongrel-users mailing list