October 2012 Archives

RuPy 2012 coming very soon

RuPy 2012 – the 5th edition Ruby, Python and JavaScript conference for hackers across the two hemispheres. 16-18 November 2012 in Brno, 8-9 December in São José.

Continue Reading...

Ruby 1.9.3-p286 is released

Ruby 1.9.3-p286 is released.

Continue Reading...

Unintentional file creation caused by inserting an illegal NUL character (CVE-2012-4522)

A vulnerability was found that file creation routines can create unintended files by strategically inserting NUL(s) in file paths. This vulnerability has been reported as CVE-2012-4522.

Continue Reading...

$SAFE escaping vulnerability about Exception#to_s / NameError#to_s (CVE-2012-4464, CVE-2012-4466)

Vulnerabilities found for Exception#to_s, NameError#to_s, and name_err_mesg_to_s() which is Ruby interpreter-internal API. A malicious user code can bypass $SAFE check by utilizing one of those security holes.

Continue Reading...

<< Back to 2012 Archives