RubyFlow The Ruby and Rails community linklog


The Ruby and Rails community linklog

Made a library? Written a blog post? Found a useful tutorial? Share it with the Ruby community here or just enjoy what everyone else has found!

RubySec Summary of CVE-2013-6393 aka "you're probably vulnerable"

Recently, it was disclosed that libyaml <= 0.1.4 is vulnerable to a heap overflow. libyaml is used by Ruby’s Psych YAML parser, which ships with Ruby >= 1.9.2 and was made the default YAML parser in Ruby 1.9.3. Find out if you are vulnerable and how to upgrade libyaml.

Post a comment

You can use basic HTML markup (e.g. <a>) or Markdown.

As you are not logged in, you will be
directed via GitHub to signup or sign in