Fix WEBrick's Escape Sequence Injection vulnerability
Bug #509392 reported by
Jones D. Le
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ruby1.9.1 (Ubuntu) |
Fix Released
|
Low
|
Unassigned |
Bug Description
Binary package hint: ruby1.9.1
A vulnerability was found on WEBrick, a part of Ruby's standard library. WEBrick lets attackers to inject malicious escape sequences to its logs, making it possible for dangerous control characters to be executed on a victim's terminal emulator. More info can be found here: http://
p378 is released to fix this security bug. Please bump to p378 to fix this
CVE References
visibility: | private → public |
Changed in ruby1.9.1 (Ubuntu): | |
status: | New → Confirmed |
importance: | Undecided → Low |
Changed in ruby1.9.1 (Ubuntu): | |
status: | Confirmed → Fix Released |
To post a comment you must log in.