Date: Mon, 13 Nov 2006 10:35:07 -0500 From: Jeff Dickens <jeff@seamanpaper.com> To: freebsd-questions@freebsd.org Subject: ruby Vulnerability / portupgrade Message-ID: <455890AB.1000807@seamanpaper.com>
next in thread | raw e-mail | index | archive | help
Regarding the following vulnerabilities as detected by portaudit:
Affected package: ruby-1.8.4_4,1
Type of problem: ruby -- cgi.rb library Denial of Service.
Reference:
<http://www.FreeBSD.org/ports/portaudit/ab8dbe98-6be4-11db-ae91-0012f06707f0.html>;
Affected package: ruby-1.8.4_4,1
Type of problem: ruby - multiple vulnerabilities.
Reference:
<http://www.FreeBSD.org/ports/portaudit/76562594-1f19-11db-b7d4-0008743bf21a.html>;
I see that ruby is only required by portupgrade. Anyone know if there going to be a fix for this vulnerability any time soon? Anyone asked the ruby guys?
# pkg_info -R ruby-1.8.4_4,1
Information for ruby-1.8.4_4,1:
Required by:
portupgrade-2.0.1_1,1
ruby18-bdb1-0.2.2
# pkg_info -R ruby18-bdb1-0.2.2
Information for ruby18-bdb1-0.2.2:
Required by:
portupgrade-2.0.1_1,1
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?455890AB.1000807>