Skip to content
This repository
branch: master
Fetching contributors…

Cannot retrieve contributors at this time

file 21 lines (16 sloc) 1.847 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
這裡你可以找到 Ruby 的安全問題資訊。

== 回報安全缺陷(Security Vulnerabilities)

安全缺陷回報請透過 email 至 security@ruby-lang.org (((<the PGP public key|URL:/security.asc>))) ,這是一個保密的郵件論壇。回報的問題會直到修正之後才會公布出來。

== 已知的缺陷問題

以下最近的問題列表:

* ((<"Buffer over-run in ARGF.inplace_mode="|URL:http://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released/>)) published at 2 Jul, 2010.
* ((<"WEBrick has an Escape Sequence Injection vulnerability"|URL:http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection//>)) published at 10 Jan, 2010
* ((<"Heap overflow in String"|URL:http://www.ruby-lang.org/en/news/2009/12/07/heap-overflow-in-string/>)) published at 7 Dec, 2009
* ((<"DoS vulnerability in REXML"|URL:/en/news/2008/08/23/dos-vulnerability-in-rexml/>)) published at 23 Aug, 2008
* ((<"Multiple vulnerabilities in Ruby"|URL:/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/>)) published at 8 Aug, 2008
* ((<"Arbitrary code execution vulnerabilities"|URL:/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/>)) published at 20 Jun, 2008
* ((<"File access vulnerability of WEBrick"|URL:/en/news/2008/03/03/webrick-file-access-vulnerability/>)) published at 3 Mar, 2008
* ((<"Net::HTTPS Vulnerability"|URL:/en/news/2007/10/04/net-https-vulnerability/>)) published at 4 Oct, 2007
* ((<"Another DoS Vulnerability in CGI Library"|URL:/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/>)) published at 4 Dec, 2006
* ((<"DoS Vulnerability in CGI Library"|URL:/en/news/2006/11/03/CVE-2006-5467/>)) published at 3 Nov, 2006
* ((<"Ruby vulnerability in the safe level settings"|URL:/en/news/2005/10/03/ruby-vulnerability-in-the-safe-level-settings/>)) published at 2 Oct, 2005
Something went wrong with that request. Please try again.