XSS security patch

Hi,

Does anyone know how to apply the XSS security patch delivered by the
rails community at
http://weblog.rubyonrails.org/assets/2009/9/4/2-3-timing-weakness.patch

When i try to click on the link it opens some cryptic page.

Thanks,
Pratik

sorry the patch is at
http://weblog.rubyonrails.org/assets/2009/9/4/2-3-CVE-2009-3009.patch

Pratik Khadloya wrote:

Hi,

Does anyone know how to apply the XSS security patch delivered by the
rails community at
http://weblog.rubyonrails.org/assets/2009/9/4/2-3-timing-weakness.patch

When i try to click on the link it opens some cryptic page.

No it doesn’t. The link, at least for me, leads to a standard
patchfile. You should have no problem applying this with the patch
command.

Thanks,
Pratik

Best,

Marnen Laibow-Koser
http://www.marnen.org
[email protected]

On Fri, Sep 4, 2009 at 1:57 PM, tispratik[email protected] wrote:

sorry the patch is at http://weblog.rubyonrails.org/assets/2009/9/4/2-3-CVE-2009-3009.patch

Patches aren’t formatted for viewing in a browser, the newline
characters will render as spaces, this is normal.

You probably want to do something like this:

cd /path/to/ruby/gems
wget
http://weblog.rubyonrails.org/assets/2009/9/4/2-3-CVE-2009-3009.patch
cat 2-3-CVE-2009-3009.patch | patch -p1


Greg D.
http://destiney.com/