This blog no longer exists.
You will be redirected to something cool.

Thursday, December 29, 2011

DDoS Attack on Ruby Hash algo in v 1.8.7-p352 and older

Denial of service attack on the hash algorithm in Ruby. Scary stuff!
I've never used 1.8 as I started learning Ruby with 1.9.1 (and later)

The folks over at Ruby recommend to do either of the following,

A: Scramble the string hash function
B: Upgrade to Ruby ruby 1.8.7-p357 or higher (1.9 is awesome, though, imo.)

Do you use any of the affected versions of Ruby?