Issue Details (XML | Word | Printable)

Key: JRUBY-2966
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Charles Oliver Nutter
Reporter: Charles Oliver Nutter
Votes: 0
Watchers: 1
Operations

If you were logged in you would be able to see more operations.
JRuby

REXML DOS issue in Ruby 1.8 libraries

Created: 01/Sep/08 07:04 PM   Updated: 12/Jan/09 04:28 PM
Component/s: Miscellaneous
Affects Version/s: JRuby 1.1.4
Fix Version/s: JRuby 1.1.5

Time Tracking:
Not Specified


 Description  « Hide
See here: http://www.infoq.com/news/2008/08/rexml-entity-explosion-dos-fix

There are patches available. For 1.1.5.

 All   Comments   Work Log   Change History      Sort Order: Ascending order - Click to sort in descending order
[ Permalink | « Hide ]
Charles Oliver Nutter added a comment - 20/Oct/08 05:42 PM
Tracked down the commit to Ruby's repo to r19033, and applied the same to our repo with a slight modification to add the rexml document test. Committed in r7899.


Powered by a free Atlassian JIRA open source license for Codehaus. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.3-#344) - Bug/feature request - Atlassian news - Contact Administrators