[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

CVE-2011-4815: Hashdos in ruby unfixed

Hi everyone,

apparently the wheezy version of ruby ( got a fix for CVE-2011-4815
but not the squeeze package. Is there a special reason for that?

A colleague prepared a back-port patch for the squeeze package. It would be
great if this will find it's way into the squeeze package.

Also, if someone has a "ready to run" test script handy to check if this patch
works properly feel free to do so.



Attachment: randomize_hash_backport.patch.gz
Description: GNU Zip compressed data

Reply to: