Untested fix for the command injection vulnerability. #85

Open
wants to merge 2 commits into
from

Conversation

Projects
None yet
2 participants

Hi,
I didn't test this fix, but it should mitigate the command injection vulnerability I sent you guys. Please review? and let me know if it looks correct? thanks!

skorth commented Dec 17, 2013

Just saw this entry http://www.osvdb.org/show/osvdb/100920. Are all versions effected or just the current one? Would like to add it to https://github.com/rubysec/ruby-advisory-db.

I'll have to verify. I think all versions but haven't checked.

On Dec 17, 2013, at 4:09 AM, S.Korth notifications@github.com wrote:

Just saw this entry http://www.osvdb.org/show/osvdb/100920. Are all versions effected or just the current one? Would like to add it to https://github.com/rubysec/ruby-advisory-db.


Reply to this email directly or view it on GitHub.

This impacts all versions. Thanks!

skorth referenced this pull request in rubysec/ruby-advisory-db Dec 19, 2013

Merged

Add Webbynode Gem #68

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment