[Mongrel] patched ruby seems to break mongrel?

Evan Weaver evan at cloudbur.st
Mon Jun 23 12:46:28 EDT 2008


I'm using 1.8.6-p230 locally and will fix any problems I happen to
come across. What architecture are you using?

Also, 1.8.7 is a little shaky right now; I recommend avoiding it.

Evan

On Mon, Jun 23, 2008 at 10:28 AM, David Shettler
<dave at opensecurityfoundation.org> wrote:
> ah, excellent, thanks for pointing me there.  Not sure why I didn't
> check there first!
>
> And in terms of them being bugs vs vulnerabilities, well, I'm biased :)
>
> They have CVE's, which will get them on our site (osvdb) -- which is
> 'vulnerable' to these problems!  Ironic, and hence my concern.
>
>> I still think those are not vulnerabilities but bugs, anyway...
>>
>> http://weblog.rubyonrails.com/2008/6/21/multiple-ruby-security-vulnerabilities
>>
>> More important: read the comments, are more valuable than the blog post itself.
>>
>> Regards,
>> --
>> Luis Lavena
>> AREA 17
> _______________________________________________
> Mongrel-users mailing list
> Mongrel-users at rubyforge.org
> http://rubyforge.org/mailman/listinfo/mongrel-users
>



-- 
Evan Weaver


More information about the Mongrel-users mailing list