[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

ruby 1.8.6 p230 - really a fix?

Michal Suchanek

6/25/2008 8:42:00 AM

Hello

reading http://www.rubyinside.com/june-2008-ruby-security-vulnerabilitie...
I find the current state somewhat unsettling. I have not hit the
problem myself so I can only rely on the comments there. These seem to
indicate that the p230 does not really resolve the issue, only changes
a hang into a crash or something like that.

I would appreciate if somebody could shed some light on this issue.

Thanks

Michal
4 Answers

Maga

6/25/2008 8:47:00 AM

0

[Note: parts of this message were removed to make it a legal post.]

unsubscribe

Sumayah Hassim

6/25/2008 8:50:00 AM

0

unsubscribe

On 6/25/08, Maga <maga1982@gmail.com> wrote:
> unsubscribe
>

Greg Donald

6/25/2008 4:25:00 PM

0

On Wed, Jun 25, 2008 at 3:42 AM, Michal Suchanek <hramrach@centrum.cz> wrote:
> reading http://www.rubyinside.com/june-2008-ruby-security-vulnerabilitie...
> I find the current state somewhat unsettling. I have not hit the
> problem myself so I can only rely on the comments there. These seem to
> indicate that the p230 does not really resolve the issue, only changes
> a hang into a crash or something like that.
>
> I would appreciate if somebody could shed some light on this issue.

Geez. I've spent my last two evenings trying to figure out why I
can't upgrade, only to find it may be pointless to upgrade?

http://groups.google.com/group/rubyonrails-talk/browse_thread/thread/37411a24c95a...

http://groups.google.com/group/rubyonrails-talk/browse_thread/thread/9b9cbc212298...


--
Greg Donald
http://des...

SurviveStyle5

6/25/2008 7:21:00 PM

0

It kind of looks like alot of rails things are broken via this ruby
update, There are reports out there from varying people claiming that
older or newer versions of ruby/rails combination will work. I'm kind
of waiting for Rails Core to post something or a fix soon until then
if you are feeling frisky read the zed shaw analysis on the exploit
found here... http://www.zedshaw.com/rants/the_big_ruby_vulnerabil...
and start trying to work through the seg faults.