ruby-fcgi b0rks with SIGABRT whenever the client breaks the connection with the server. This can lead to a DoS because mod_fastcgi will refuse to spawn new fcgi processes after a while. FYI, mod_fcgid (see bug #79313) is more resilient and recovers faster but will issue some errors 503 anyway.
Created attachment 49549 [details] ruby-fcgi-0.8.5.ebuild Please get into portage asap KEYWORDS reset to ~x86 because I can't test on anything else atm.
Could anyone from the ruby herd take care of this one? Thanks a lot.
Added ruby-fcgi-0.8.5.ebuild to CVS.
Thx everyone. Is this properly reported upstream, from the description it appears that the issue is not completely fixed and filed as restricted? Xavier please asssing such issues directly to security next time.
~ -> closing without GLSA