Project

General

Profile

Actions
Copy link

Bug #798

closed

r19320 updated REXML but didn't increment REXML::VERSION

Added by bitsweat (Jeremy Daer) over 15 years ago. Updated about 13 years ago.

Status:
Closed
Assignee:
shugo (Shugo Maeda)
Target version:
-
ruby -v:
[ruby-core:20113]

Description

=begin
r19320 backported the entity_expansion_limit fix to 1.8,
but REXML::VERSION was not incremented from "3.1.7.2" to "3.1.7.3"

Must load REXML to check for DoS safety

require 'rexml/document'; REXML::Document.respond_to?(:entity_expansion_limit=).

Simpler and saves 1MB memory.

require 'rexml/rexml'; REXML::VERSION > '3.1.7.2'

Index: lib/rexml/rexml.rb

--- lib/rexml/rexml.rb (revision 20354)
+++ lib/rexml/rexml.rb (working copy)
@@ -23,7 +23,7 @@

online[http://www.germane-software.com/software/rexml/docs/tutorial.html]

module REXML
COPYRIGHT = "Copyright \xC2\xA9 2001-2006 Sean Russell "

  • VERSION = "3.1.7.2"
  • VERSION = "3.1.7.3"
    DATE = "2007/275"
    REVISION = "$Revision$".gsub(/$Revision:|$/,'').strip
    =end
Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0