ruby-rack 1.6.4-3ubuntu0.2 source package in Ubuntu

Changelog

ruby-rack (1.6.4-3ubuntu0.2) xenial-security; urgency=medium

  * Merge patches from Debian.
  * SECURITY UPDATE: Directory traversal vulnerability.
    - debian/patches/CVE-2020-8161.patch: Use Dir.entries instead of
      Dir[glob] to prevent user-specified glob metacharacters.
    - CVE-2020-8161
  * SECURITY UPDATE: Cookie forgery.
    - debian/patches/CVE-2020-8184.patch: When parsing cookies, only
      decode the values.
    - CVE-2020-8184

 -- Eduardo Barretto <email address hidden>  Thu, 01 Apr 2021 12:43:47 +0200

Upload details

Uploaded by:
Eduardo Barretto
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
ruby
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates universe ruby
Xenial security universe ruby

Builds

Xenial: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
ruby-rack_1.6.4.orig.tar.gz 226.8 KiB ceee5dd5aa0b0e2f765085e7dc378dab993bb80632974ad753e606547c6babd0
ruby-rack_1.6.4-3ubuntu0.2.debian.tar.xz 7.9 KiB 10ddea67a176636a67566e173cd5c4cc677cc91658098cb0775d2953711053cf
ruby-rack_1.6.4-3ubuntu0.2.dsc 2.2 KiB 59aae1b3298d1453a24309051f4c45a5b922bb046c71e9acee3993c18c010197

View changes file

Binary packages built by this source

ruby-rack: modular Ruby webserver interface

 Rack provides a minimal, modular and adaptable interface for developing
 web applications in Ruby. By wrapping HTTP requests and responses in
 the simplest way possible, it unifies and distills the API for web
 servers, web frameworks, and software in between (the so-called
 middleware) into a single method call.
 .
 Also see http://rack.github.io/.