ruby-rack 2.2.7-1ubuntu0.1 source package in Ubuntu
Changelog
ruby-rack (2.2.7-1ubuntu0.1) noble-security; urgency=medium
* SECURITY UPDATE: DoS via crafted content type headers
- debian/patches/CVE-2024-25126.patch: avoid 2nd degree polynomial
regexp in MediaType in lib/rack/media_type.rb.
- CVE-2024-25126
* SECURITY UPDATE: DoS via crafted Range headers
- debian/patches/CVE-2024-26141.patch: return an empty array when
ranges are too large in lib/rack/utils.rb, test/spec_utils.rb.
- CVE-2024-26141
* SECURITY UPDATE: Dos via crafted headers
- debian/patches/CVE-2024-26146.patch: fix ReDoS in header parsing in
lib/rack/utils.rb.
- CVE-2024-26146
-- Marc Deslauriers <email address hidden> Fri, 14 Jun 2024 13:15:36 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Noble
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- ruby
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Noble | updates | main | ruby | |
| Noble | security | main | ruby |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| ruby-rack_2.2.7.orig.tar.gz | 272.7 KiB | e942379fba7a6aa18951973a95cc323c10af7aa7ff61207794bf6fea3ec822b4 |
| ruby-rack_2.2.7-1ubuntu0.1.debian.tar.xz | 10.8 KiB | 7decbb1c1648357a4ebe8994d33c9a890cb43ce101fb9b2ba535736a75d2004c |
| ruby-rack_2.2.7-1ubuntu0.1.dsc | 2.4 KiB | 1127b7d6c5b67b85997f0efe80fe027b31b4c091862050b93d01d08f73e26adb |
Available diffs
Binary packages built by this source
- ruby-rack: modular Ruby webserver interface
Rack provides a minimal, modular and adaptable interface for developing
web applications in Ruby. By wrapping HTTP requests and responses in
the simplest way possible, it unifies and distills the API for web
servers, web frameworks, and software in between (the so-called
middleware) into a single method call.
.
Also see http://rack.github. io/.
