[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

CVE-2009-5147 in ruby{1.8,1.9.1}


I've taken a look to
in the 1.8 and 1.9.1 versions of ruby and I am unsure if they deserve a
DLA/DSA by their own.

I've been unable to find more information to take advantage of this
issue, and other vendors consider this as low priority and even wontfix.

For squeeze, the patches are already on the collab-maint repos. I can do
it for wheezy too. Do you think it's ok to wait to upload them along
with a further and more important fix?



Attachment: signature.asc
Description: Digital signature

Reply to: