http://www.getharvest.com/blog/2009/06/ruby-denial-of-service-patch-breaks-bigdecimal-to_f-method/ Time is money. Track it wisely. Wed, 10 Mar 2010 20:20:42 +0000 http://wordpress.org/?v=2.9.2 hourly 1 http://www.getharvest.com/blog/2009/06/ruby-denial-of-service-patch-breaks-bigdecimal-to_f-method/comment-page-1/#comment-440 Barry Hess Tue, 16 Jun 2009 13:02:24 +0000 http://www.getharvest.com/blog/?p=845#comment-440 FYI, <a href="http://www.ruby-forum.com/topic/189053#827091" rel="nofollow">1.8.7-p174 has been released</a> to fix the holes in BigDecimal. FYI, 1.8.7-p174 has been released to fix the holes in BigDecimal.

]]> http://www.getharvest.com/blog/2009/06/ruby-denial-of-service-patch-breaks-bigdecimal-to_f-method/comment-page-1/#comment-431 Ezra Zygmuntowicz Wed, 10 Jun 2009 21:47:56 +0000 http://www.getharvest.com/blog/?p=845#comment-431 Good catch. Luckily when we patched ruby-1.8.6 Kirk wrote specs for this and so the ruby-1.8.6_p369 we released yesterday does not fail like this but 1.8.7 does. Good catch. Luckily when we patched ruby-1.8.6 Kirk wrote specs for this and so the ruby-1.8.6_p369 we released yesterday does not fail like this but 1.8.7 does.

]]> http://www.getharvest.com/blog/2009/06/ruby-denial-of-service-patch-breaks-bigdecimal-to_f-method/comment-page-1/#comment-430 Kirk Haines Wed, 10 Jun 2009 21:46:17 +0000 http://www.getharvest.com/blog/?p=845#comment-430 Just to clarify, this works right in 1.8.6-p369. Just to clarify, this works right in 1.8.6-p369.

]]>