[#JRUBY-2966] REXML DOS issue in Ruby 1.8 libraries - jira.codehaus.org

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: JRuby 1.1.4
Fix Version/s: JRuby 1.1.5
Component/s: Miscellaneous
Labels:
None

Number of attachments :
0

Description

See here: http://www.infoq.com/news/2008/08/rexml-entity-explosion-dos-fix

There are patches available. For 1.1.5.

Activity

All
Comments
Work Log
History
Activity

Hide

Permalink

Charles Oliver Nutter added a comment - 20/Oct/08 5:42 PM

Tracked down the commit to Ruby's repo to r19033, and applied the same to our repo with a slight modification to add the rexml document test. Committed in r7899.

Show

Charles Oliver Nutter added a comment - 20/Oct/08 5:42 PM Tracked down the commit to Ruby's repo to r19033, and applied the same to our repo with a slight modification to add the rexml document test. Committed in r7899.

People

Assignee:

Charles Oliver Nutter

Reporter:

Charles Oliver Nutter

Vote (0)

Watch (1)

Dates

Created:

01/Sep/08 7:04 PM

Updated:

12/Jan/09 4:28 PM

Resolved:

20/Oct/08 5:42 PM

JRuby

REXML DOS issue in Ruby 1.8 libraries

Details

Description

Activity

People

Dates