From 16f558a28127e391b70c92926c501794ed3365da Mon Sep 17 00:00:00 2001 From: shugo Date: Sat, 13 Sep 2008 02:14:39 +0000 Subject: [PATCH] * NEWS: added an entry for REXML. * lib/rexml/document.rb: fixed typo. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@19322 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 6 ++++++ NEWS | 9 +++++++++ lib/rexml/document.rb | 4 ++-- 3 files changed, 17 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 618df3c3df..87c8e21255 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +Sat Sep 13 11:13:18 2008 Shugo Maeda + + * NEWS: added an entry for REXML. + + * lib/rexml/document.rb: fixed typo. + Sat Sep 13 11:05:38 2008 Shugo Maeda * lib/rexml/document.rb: limit entity expansion. Thanks, Luka diff --git a/NEWS b/NEWS index dc391b2b1e..39223610fd 100644 --- a/NEWS +++ b/NEWS @@ -49,6 +49,15 @@ with all sufficient information, see the ChangeLog file. * raise an exception not returns nil for invalid feed making. * requires block. +* REXML + + * REXML::Document.entity_expansion_limit= + + New method to set the entity expansion limit. By default the limit is + set to 10000. See the following URL for details. + + http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ + == Changes since the 1.8.6 release === Configuration changes diff --git a/lib/rexml/document.rb b/lib/rexml/document.rb index 11fd0647bf..3d1300a06b 100644 --- a/lib/rexml/document.rb +++ b/lib/rexml/document.rb @@ -203,12 +203,12 @@ module REXML @@entity_expansion_limit = 10_000 - # Set the entity expansion limit. By defualt the limit is set to 10000. + # Set the entity expansion limit. By default the limit is set to 10000. def Document::entity_expansion_limit=( val ) @@entity_expansion_limit = val end - # Get the entity expansion limit. By defualt the limit is set to 10000. + # Get the entity expansion limit. By default the limit is set to 10000. def Document::entity_expansion_limit return @@entity_expansion_limit end