Publishing details
Changelog
ruby-rack (1.6.4-4ubuntu0.2) bionic-security; urgency=medium
* Merge patches from Debian.
* SECURITY UPDATE: Directory traversal vulnerability.
- debian/patches/CVE-2020-8161.patch: Use Dir.entries instead of
Dir[glob] to prevent user-specified glob metacharacters.
- CVE-2020-8161
* SECURITY UPDATE: Cookie forgery.
- debian/patches/CVE-2020-8184.patch: When parsing cookies, only
decode the values.
- CVE-2020-8184
-- Eduardo Barretto <email address hidden> Wed, 30 Sep 2020 12:08:48 -0300
Builds
Built packages
-
ruby-rack
modular Ruby webserver interface
Package files