Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE request: ruby file creation due in insertion of illegal NUL character
From: Vincent Danen <vdanen () redhat com>
Date: Fri, 12 Oct 2012 14:50:41 -0600

Just noticed this today on ruby's web site:

http://preview.ruby-lang.org/en/news/2012/10/12/poisoned-NUL-byte-vulnerability/

The fix is located here:

http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=37163

I don't see a CVE name associated with the announcement or commit, so
I don't believe one has been assigned.

--
Vincent Danen / Red Hat Security Response Team

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]