Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 13 Jul 2015 11:14:01 -0700
From: Tony Arcieri <bascule@...il.com>
To: oss-security@...ts.openwall.com
Subject: Retroactive CVE request for Ruby 1.9.2-p330

Requesting a retroactive CVE for this 2014 issue:

https://www.ruby-lang.org/en/news/2014/08/19/ruby-1-9-2-p330-released/

I'd describe it as "Regular expression denial-of-service attack in form
component processing"

See this GitHub issue for additional discussion:

https://github.com/ruby/www.ruby-lang.org/issues/817

-- 
Tony Arcieri

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ