Entries Tagged as 'Ruby'
DoS vulnerability in REXML
August 27th, 2008 · 1 Comment
Here is a security announcement for the REXML library (links by me) in the Ruby news:
There is a DoS vulnerability in the REXML library used by Rails to parse incoming XML requests. A so-called "XML entity explosion" attack technique can be used for remotely bringing down (disabling) any application which parses user-provided XML. […]
Ruby security vulnerabilities
June 24th, 2008 · No Comments
Here is the news from the Rails Log:
Drew Yao at Apple uncovered a handful of nasty security vulnerabilities affecting all current versions of Ruby. The details are still under wraps because an attacker can DoS you or possibly execute arbitrary code—holy crap! Better upgrade sooner than later.
According to the official Ruby […]