similar to: Rails 1.1.5: Mandatory security patch (and other tidbits)

We''re still hard at work on Rails 1.2, which features all the new dandy REST stuff and more, but a serious security concern has come to our attention that needed to be addressed sooner than the release of 1.2 would allow. So here''s Rails 1.1.5! This is a MANDATORY upgrade for anyone not running on a very recent edge (which isn''t affected by this). If you have a public

Hello, I'm just setting up a new server and wanting to use MySQL for user authentication. Here is what I have: Fedora Core 5: 2.6.17-1.2145_FC5 Dovecot v1.0.rc2 (RPM install from atrpms.net) MySQL v5.0.22 SquirrelMail v 1.4.6-7.fc5 ...Running on a Dual XEON machine I've added the following to dovecot.conf: auth default { passdb sql { args =

Hi all, I've just upgraded to latest 1.6.0 SVN from a few days ago and my Gosubs have stopped working. This is from the verbose logs: -- Executing [03333407271 at incoming-aaisp:4] GotoIf("IAX2/aaisp-3802", "1?5:7") in new stack -- Goto (incoming-aaisp,03333407271,5) -- Executing [03333407271 at incoming-aaisp:5] Gosub("IAX2/aaisp-3802",

a couple of things that really helped me when converting from mbox to maildir. First is to see how simple procmail changes could be. in your /etc/procmailrc file, just add the following. MAILDIR=$HOME/Maildir/ # Make sure this directory exists! DEFAULT=$MAILDIR if you're using per user procmail files, the exact same two lines will also work to ensure proper delivery. if

Hi, With kernel 2.4 I was able to use equalize to send our outgoing packets to two different routers (our isp supports this setup), like this: ip route add default src ip.a.dd.rr equalize nexthop via <router1> weight 1 nexthop via <router2> weight 1 The two routes were used equally on a per packet basis, not per flow or per cached route, but per packet, each line has 800k upload

Something I can't quite place finger on here. Altogether too much Mafia, in the bulk email business generally, and I know Switzerland borders on Italy ... This sounds, (albeit vaguely,) altogether too much like the thieves I seem to have fallen amongst lately. Two stolen trucks, three stolen laptops, another one wrecked, three or four stolen cell phones, passwords GPG keys, city hall hookers

Hey Timo, Thanks for the quick turnaround, once we have the test results I'll contact you again. Should I also include instructions on how to run the a self contained server with a dummy backend so you can independently verify our results? Leander Beernaert Proton AG ------- Original Message ------- On Thursday, February 23rd, 2023 at 8:59 PM, Timo Sirainen <timo at sirainen.com>

Hello, I am currently trying to emerge wine on my Gentoo AMD64 system, and it is currently failing on the last package. I haven't been able to make much sense out of the error message. If anyone knows what is going on or can otherwise point me to where I should look or anything to try, it would be greatly appreciated. Here is the error I am getting: make: *** [programs] Error 2 * *

Hi, I've downloaded the Speex-1.1.5 code and am trying to compile the Speexdec code using Microsoft VC++ 6.0 IDE. When I try to open the speexdec.dsw workspace, I get a dialog asking to locate the ogg_static file. I simply cancel that message, and then the project is opened in the VC++ 6.0 IDE. Now, when I simply try to compile the program, I receive this 5 error messages. error1.

I found a src.rpm for 1.1.5-1 for fc8 (not rh8!). I was able to rebuild it on my Centos build system. The rpms are identified as 1.1.5-1.i386.rpm, no el5 or other identification was placed in the files. I don't see how to control this when you rebuild from an existing src.rpm. Interestingly the fc8 designation was lost. I also rebuild it on my fc10 system. It worked, and the rpms have

Hi everyone, I want to get multiple DDI's and hunting across those DDI's in case one of the lines is busy using analog phone lines. The system is for a large house so I want 3 x PSTN lines. 3 x DDI's and the ability for those DDI's to be presented across all three PSTN lines. BT say you can't have more than one DDI number associated with a PSTN line and that you can't

My site was working fine earlier, but since the 1.1.5 upgrade at dreamhost it just hangs and hangs and then gives the "Application error, rails failed to load properly". Fastcgi was and still is enabled in the control panel. I had been using capistrano to deploy and it has been working well that way. The application works on my local box which has 1.1.6 running. I edited

Hi Chris, Thanks a lot for your help. I've been able to resolve all the errors except one. I don't have ogg.h header file, so when I try to build Speexdec.exe, I get an error d:\speex\speex-1.1.5\src\speexdec.c(44) : fatal error C1083: Cannot open include file: 'ogg/ogg.h': No such file or directory I don't have this file, but as I wrote in my previous mail, an ogg_static

Hey, I am trying to upgrade to 1.1.5 and rails no longer finds my controllers the live outside app/controllers. I was on 1.1.2 previously and here is my setup In environment.rb config.load_paths += [File.join(File.expand_path(RAILS_ROOT), "rails_shared/controllers") ] config.load_paths += [File.join(File.expand_path(RAILS_ROOT), "rails_shared/helpers") ]

Can''t install the latest mongrel (1.1.5) in JRuby (jruby revisions ranging from 6600 to 6750[trunk] checked) -- the platform is not being identified and it''s trying to do native compilation. I''m not sure it''s actually a problem with Mongrel or JRuby however -- perhaps there isn''t a mongrel-1.1.5-java.gem on rubyforge? Some investigation below: $

Hi An email with a mal-formed address in a header like: To:(receiver at domain.com (Starting with a comment, with no closing ')' ) causes dovecot 1.1.5 to panic and abort. This is similar to the problem fixed by: http://hg.dovecot.org/ dovecot-1.1/rev/04fdaa2f831e This patch seems to resolve the problem: --- dovecot-1.1.5/src/lib-mail/message-address.c.orig 2008-10-23

I ran yum update on a CentOS 6.0 machine against the CR repository and noticed that the nfs-utils-lib update broke my rcp.idmap settings: rpc.idmapd: libnfsidmap: processing 'Method' list rpc.idmapd: libnfsidmap: Unable to get init function: /usr/lib64/libnfsidmap/umich_ldap.so: undefined symbol: libnfsidmap_plugin_init rpc.idmapd: libnfsidmap: requested translation method,

Hi, all. I compiled and installed dovecot-1.1.3 with this cmd: # ./configure --prefix=/usr/local/dovecot --disable-ipv6 --with-mysql --with-ldap --with-zlib --enable-header-install Then compiled dovecot-sieve-1.1.5 with this cmd: ./configure --with-dovecot=/usr/local/dovecot/lib/dovecot But i got this error msg: <stdout>:1654: warning: no previous prototype for

Thanks a lot for your replies. Where can I get Ogg static libraries header, and Ogg header files. Any place where I can download. Basically I need to create a Speex library for Pocket PC 2003, that can be used from within my .NET Compact Framework application. For this I need to create a DLL file, which essentially is my Speex decoder. For this I simply need to make use of Speexdec, since this

Hi, I think there is still a major vulnerability exists in the latest Rails 1.1.5. The problem is in the routing.rb file and safe_load_paths method. Because of the erroneous regexp it is possible to perform a DOS attack on any rails application. To reproduce: 1. start your application 2. use this url: http://localhost:3000/debug Routing module will load standard debug.rb script which stops a