ruby Vulnerability / portupgrade
Jeff Dickens
jeff at seamanpaper.com
Mon Nov 13 15:35:17 UTC 2006
Regarding the following vulnerabilities as detected by portaudit:
Affected package: ruby-1.8.4_4,1
Type of problem: ruby -- cgi.rb library Denial of Service.
Reference:
<http://www.FreeBSD.org/ports/portaudit/ab8dbe98-6be4-11db-ae91-0012f06707f0.html>
Affected package: ruby-1.8.4_4,1
Type of problem: ruby - multiple vulnerabilities.
Reference:
<http://www.FreeBSD.org/ports/portaudit/76562594-1f19-11db-b7d4-0008743bf21a.html>
I see that ruby is only required by portupgrade. Anyone know if there going to be a fix for this vulnerability any time soon? Anyone asked the ruby guys?
# pkg_info -R ruby-1.8.4_4,1
Information for ruby-1.8.4_4,1:
Required by:
portupgrade-2.0.1_1,1
ruby18-bdb1-0.2.2
# pkg_info -R ruby18-bdb1-0.2.2
Information for ruby18-bdb1-0.2.2:
Required by:
portupgrade-2.0.1_1,1
More information about the freebsd-questions
mailing list