From 1439cbadeeb62104e1a4522e315e9bccef78f9d2 Mon Sep 17 00:00:00 2001 From: Sutou Kouhei Date: Thu, 16 May 2024 13:49:58 +0900 Subject: [PATCH 1/2] Add CVE-2024-35176: DoS in REXML --- .../2024-05-16-dos-rexml-cve-2024-35176.md | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md diff --git a/en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md b/en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md new file mode 100644 index 0000000000..1c17407e52 --- /dev/null +++ b/en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-35176: DoS in REXML" +author: "kou" +translator: +date: 2024-05-16 05:00:00 +0000 +tags: security +lang: en +--- + +There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier [CVE-2024-35176](https://www.cve.org/CVERecord?id=CVE-2024-35176). We strongly recommend upgrading the REXML gem. + +## Details + +When parsing an XML document that has many `<` in an attribute value, REXML gem may take many time. + +Please update REXML gem to version 3.2.7 or later. + +## Affected versions + +* REXML gem 3.2.6 or prior + +## Credits + +Thanks to [mprogrammer](https://hackerone.com/mprogrammer) for discovering this issue. + +## History + +* Originally published at 2024-05-16 05:00:00 (UTC) From 237a8ea88be2457845147914ebc213c6d1a5ffbc Mon Sep 17 00:00:00 2001 From: Sutou Kouhei Date: Thu, 16 May 2024 16:40:03 +0900 Subject: [PATCH 2/2] Fix wording Co-authored-by: nagachika --- en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md b/en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md index 1c17407e52..5867f1a877 100644 --- a/en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md +++ b/en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md 
@@ -12,7 +12,7 @@ There is a DoS vulnerability in REXML gem. This vulnerability has been assigned ## Details -When parsing an XML document that has many `<` in an attribute value, REXML gem may take many time. +When parsing an XML document that has many `<` in an attribute value, REXML gem may take long time. Please update REXML gem to version 3.2.7 or later.
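
Review bot: in the new post added by PATCH 1/2, the fixed version appears only as the last line of the Details section ("Please update REXML gem to version 3.2.7 or later."), while the opening paragraph says "We strongly recommend upgrading the REXML gem" without naming a version. Consider stating 3.2.7 in the opening sentence, or moving the upgrade instruction under a heading of its own, so a reader who stops after the first paragraph knows the target. The Details sentence also names only the trigger (many `<` in an attribute value) and not who is exposed; one clause saying that the concern is parsing XML from untrusted sources would help readers judge urgency.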
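
Review bot: in the PATCH 2/2 hunk, the replacement line still drops the article: "REXML gem may take long time" should read "may take a long time". Since this commit exists only to fix wording, the same line and its neighbours could also pick up "the REXML gem" for consistency with the opening paragraph, which already writes "upgrading the REXML gem".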