Red Hat Bugzilla – Bug 138366
CAN-2004-0983 Denial of Service in Ruby
Last modified: 2007-11-30 17:10:53 EST
Upstream has fixed a denial of service issue in ruby. The CGI module
could enter into an infinite loop if a specially crafted request is
sent to it.
This issue should also affect FC2.
attachment 106289 [details] contains the patch for this issue.
This issue appears to also affect FC1 (Legacy). See
for our response to this.
This issue is not the same one covered by
That bug deals with insecure temporary files, this issue is a DoS.
Both deal with the Ruby CGI layer though.
should be fixed in 1.8.1-6.FC2.0 and 1.8.1-7.FC3.1