Just for your information:
The patches against 1.8.5 for CVE-2007-5162 you can find here: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13502 The patches against 1.8.6 for CVE-2007-5162 you can find here: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13504
For CVE-2007-5770 you can find here: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656
smtp.rb and pop.rb are not affected in our releases, because until then they didn't have any SSL operations enabled. That was changed later.
Regards,
\sh
Just for your information:
The patches against 1.8.5 for CVE-2007-5162 you can find here: http:// svn.ruby- lang.org/ cgi-bin/ viewvc. cgi?view= rev&revision= 13502 svn.ruby- lang.org/ cgi-bin/ viewvc. cgi?view= rev&revision= 13504
The patches against 1.8.6 for CVE-2007-5162 you can find here:
http://
For CVE-2007-5770 you can find here: svn.ruby- lang.org/ cgi-bin/ viewvc. cgi?view= rev&revision= 13656
http://
smtp.rb and pop.rb are not affected in our releases, because until then they didn't have any SSL operations enabled. That was changed later.
Regards,
\sh