1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

lib/webrick/httpresponse.rb: CVE-2010-0541; Fix a potential XSS vulnerabilty. See the CVE report for more information.

Browse Source 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@29026 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
wyhaines 2010-08-17 18:36:29 +00:00
parent 6f1649e091
commit 11183a22ef
3 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ChangeLog
View File

@ -1,10 +1,14 @@
Tue Aug 18 03:34:00 Kirk Haines <khaines@ruby-lang.org>
* lib/webrick/httpresponse.rb: CVE-2010-0541; Fix a potential XSS vulnerabilty. See the CVE report for more information.
Tue Aug 18 03:27:00 Kirk Haines <khaines@ruby-lang.org>
* ext/bigdecimal/bigdecimal.c: Backport #2349 [ruby-core:26646]; fix comparisons. Also fix a bunch of bugs that lead to broken-ness and failing tests.
* ext/bigdecimal/bigdecimal.c: Backport #2349 [ruby-core:26646]; fix comparisons. Also fix a bunch of bugs that lead to broken-ness and failing tests. r29025
* test/bigdecimal/test_bigdecimal.rb: Backport #2349 [ruby-core:26646]; added a test suite.
* test/bigdecimal/test_bigdecimal.rb: Backport #2349 [ruby-core:26646]; added a test suite. r29025
* test/ruby/test_exception.rb: The test suite was breaking ZeroDivisionError, which in turn would break bigdecimal/test_bigdecimal.rb. Made a simple fix that keeps that test but does so non-destructively.
* test/ruby/test_exception.rb: The test suite was breaking ZeroDivisionError, which in turn would break bigdecimal/test_bigdecimal.rb. Made a simple fix that keeps that test but does so non-destructively. r29025
Wed Jun 23 04:26:00 Kirk Haines <khaines@ruby-lang.org>

2
lib/webrick/httpresponse.rb
View File

@ -209,7 +209,7 @@ module WEBrick
@keep_alive = false
self.status = HTTPStatus::RC_INTERNAL_SERVER_ERROR
end
@header['content-type'] = "text/html"
@header['content-type'] = "text/html; charset=ISO-8859-1"
if respond_to?(:create_error_page)
create_error_page()

2
version.h
View File

@ -2,7 +2,7 @@
#define RUBY_RELEASE_DATE "2010-08-18"
#define RUBY_VERSION_CODE 186
#define RUBY_RELEASE_CODE 20100818
#define RUBY_PATCHLEVEL 419
#define RUBY_PATCHLEVEL 420
#define RUBY_VERSION_MAJOR 1
#define RUBY_VERSION_MINOR 8