Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [thread-next>] [month] [year] [list] 
Date: Sun, 09 Mar 2008 17:18:04 -0800
From: Jonathan Smith <smithj@...ethemallocs.com>
To:  oss-security@...ts.openwall.com, 
 "Steven M. Christey" <coley@...re.org>
Subject: CVE request: ruby information disclosure

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gentoo has an open bug [1] indicating a minor information disclosure
issue in ruby. They also sortof indicate that there has been a CVE
request, but I can't find it anywhere. So either consider this a request
or a ping on an existing request :)

rPath also has an issue [2] if you need references.

[1]: https://bugs.gentoo.org/show_bug.cgi?id=212264
[2]: https://issues.rpath.com/browse/RPL-2338

	smithj

PS: should we use coley@...re.org or coley@...us.mitre.org?

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.8 (GNU/Linux)

iEYEARECAAYFAkfUjEwACgkQCG91qXPaRenIXQCfWN+RLznwWCyHscafOyiC6syv
fV4An3yogT7YIWH2x7IOpKw30F2y94T4
=66fA
-----END PGP SIGNATURE-----

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ