[Secure-testing-team] Lenny security bug sprint

Moritz Muehlenhoff jmm at inutil.org
Mon Nov 17 06:02:50 UTC 2008


> ruby1.9 / CVE-2008-3443
>   This one's unclear. This needs to be reproduced with the milw0rm
>   POC and checked with upstream (other Ruby regex issues were recently
>   fixed).
> 
> ruby1.9 / CVE-2008-3905
>   Maybe this is already fixed and was only forgotten in the changelog,
>   needs further checks or contacting the maintainer.

I'll look into these two.

Cheers,
        Moritz



More information about the Secure-testing-team mailing list