On Thu, Aug 28, 2008 at 5:19 AM, Shugo Maeda <shugo.maeda / gmail.com> wrote:
> Hi,
>
> "Gregory Brown" <gregory.t.br... / gmail.com> wrote:

>> If we are talking about a vulnerability in standard Ruby, we should be
>> able to patch standard Ruby and be done with it, not be required to
>> use some hackish monkeypatch in every application we write.  Ruby core
>> does of course, maintain Ruby's standard library (or so we hope.)
>
> There are some considerations to apply this fix to the Ruby's standard
> library.  This vulnerability (not Ruby specific but in general)
> had been known for a long time, so we decided to provide a monkey
> patch
> for a workaround.
>
> We are discussing some considerations on ruby-dev ML, and I'll send
> a mail with details to ruby-core ML later.

Okay, I'll look out for that.  Thanks!

-greg

-- 
Technical Blaag at: http://blog.majesticseacreature.com | Non-tech
stuff at: http://metametta.blogspot.com