On 11/01/10 at 09:20 +0900, Daigo Moriwaki wrote: > Package: ruby1.9 > Severity: grave > Tags: security > Justification: user security hole > > The upstream has released a vulnerability fix in WEBrick, a part of Ruby's > standard library. WEBrick lets attackers to inject malicious escap > e sequences to its logs, making it possible for dangerous control characters > to be executed on a victim's terminal emulator.
Fixed everywhere except ruby1.9/lenny, which I'm tempted to ignore. -- | Lucas Nussbaum | [email protected] http://www.lucas-nussbaum.net/ | | jabber: [email protected] GPG: 1024D/023B3F4F | -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

