rails.git - Mirror of official rails repo with custom fixes.

diff options

author	Aaron Patterson <aaron.patterson@gmail.com>	2015-06-09 11:24:25 -0700
committer	Rafael Mendonça França <rafaelmfranca@gmail.com>	2015-06-16 12:10:51 -0300
commit	153cc843ad95930b00b0ca91d30b599b7dec9680 (patch)
tree	6d8f7c2ada15931eb505d445ffab711c02da8b98 /railties
parent	b344986bc3d94ca7821fc5e0eef1874882ac6cbb (diff)
download	rails-153cc843ad95930b00b0ca91d30b599b7dec9680.tar.gz rails-153cc843ad95930b00b0ca91d30b599b7dec9680.tar.bz2 rails-153cc843ad95930b00b0ca91d30b599b7dec9680.zip

enforce a depth limit on XML documents

XML documents that are too deep can cause an stack overflow, which in turn will cause a potential DoS attack. CVE-2015-3227 Conflicts: activesupport/lib/active_support/xml_mini.rb

Diffstat (limited to 'railties')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: