From owner-freebsd-security@FreeBSD.ORG  Sat Jul 29 17:25:26 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 71BBE16A4DE;
	Sat, 29 Jul 2006 17:25:26 +0000 (UTC) (envelope-from sem@FreeBSD.org)
Received: from mail.ciam.ru (ns.ciam.ru [213.247.195.75])
	by mx1.FreeBSD.org (Postfix) with ESMTP id ECB5643D60;
	Sat, 29 Jul 2006 17:25:25 +0000 (GMT) (envelope-from sem@FreeBSD.org)
Received: from [87.240.16.199] (helo=[192.168.0.4])
	by mail.ciam.ru with esmtpa (Exim 4.x)
	id 1G6sZ1-0001U7-AX; Sat, 29 Jul 2006 21:25:23 +0400
Message-ID: <44CB99E4.2080708@FreeBSD.org>
Date: Sat, 29 Jul 2006 21:24:52 +0400
From: Sergey Matveychuk <sem@FreeBSD.org>
User-Agent: Thunderbird 1.5.0.2 (X11/20060429)
MIME-Version: 1.0
To: Shaun Amott <shaun@FreeBSD.org>
References: <200607280503.k6S53hmW007056@app.auscert.org.au>
	<20060729163453.GA89895@picobyte.net>
In-Reply-To: <20060729163453.GA89895@picobyte.net>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Joel Hatton <freebsd@auscert.org.au>, ports@freebsd.org,
	freebsd-security@freebsd.org
Subject: Re: Ruby vulnerability?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Jul 2006 17:25:26 -0000

Shaun Amott wrote:
> On Fri, Jul 28, 2006 at 03:03:43PM +1000, Joel Hatton wrote:
>> FYI, Red Hat released an advisory today about a vulnerability in Ruby. So
>> far it doesn't appear in the VuXML, but am I correct in presuming it will
>> soon?
>>
> 
> I've added it; thanks for the report.
> 

Can we get patches somewhere? I can't find any.

-- 
Dixi.
Sem.