Project

General

Profile

Actions

Bug #798

closed

r19320 updated REXML but didn't increment REXML::VERSION

Added by bitsweat (Jeremy Daer) over 15 years ago. Updated almost 13 years ago.

Status:
Closed
Target version:
-
ruby -v:
[ruby-core:20113]

Description

=begin
r19320 backported the entity_expansion_limit fix to 1.8,
but REXML::VERSION was not incremented from "3.1.7.2" to "3.1.7.3"

Must load REXML to check for DoS safety

require 'rexml/document'; REXML::Document.respond_to?(:entity_expansion_limit=).

Simpler and saves 1MB memory.

require 'rexml/rexml'; REXML::VERSION > '3.1.7.2'

Index: lib/rexml/rexml.rb

--- lib/rexml/rexml.rb (revision 20354)
+++ lib/rexml/rexml.rb (working copy)
@@ -23,7 +23,7 @@

online[http://www.germane-software.com/software/rexml/docs/tutorial.html]

module REXML
COPYRIGHT = "Copyright \xC2\xA9 2001-2006 Sean Russell "

  • VERSION = "3.1.7.2"
  • VERSION = "3.1.7.3"
    DATE = "2007/275"
    REVISION = "$Revision$".gsub(/$Revision:|$/,'').strip
    =end
Actions #1

Updated by shyouhei (Shyouhei Urabe) about 15 years ago

  • Assignee set to shugo (Shugo Maeda)

=begin

=end

Actions #2

Updated by shugo (Shugo Maeda) about 15 years ago

  • Status changed from Open to Closed
  • % Done changed from 0 to 100

=begin
Applied in changeset r21994.
=end

Actions

Also available in: Atom PDF

Like0
Like0Like0