ruby-rack 2.0.7-2ubuntu0.1 source package in Ubuntu

Changelog

ruby-rack (2.0.7-2ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Directory traversal vulnerability.
    - debian/patches/CVE-2020-8161.patch: Use Dir.entries instead of
      Dir[glob] to prevent user-specified glob metacharacters.
    - CVE-2020-8161
  * SECURITY UPDATE: Cookie forgery.
    - debian/patches/CVE-2020-8184.patch: When parsing cookies, only
      decode the values.
    - CVE-2020-8184

 -- Eduardo Barretto <email address hidden>  Thu, 01 Apr 2021 16:04:45 +0200

Upload details

Uploaded by:
Eduardo Barretto on 2021-04-06
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
ruby
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates on 2021-04-06 universe ruby
Focal security on 2021-04-06 universe ruby

Builds

Focal: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
ruby-rack_2.0.7.orig.tar.gz 249.5 KiB 583155d14b40a4bec96bad817df0799deb40dafe348b4a505845eba09f9d1900
ruby-rack_2.0.7-2ubuntu0.1.debian.tar.xz 7.4 KiB f226dc6b308bb28fb514fb48df20e7645a26f4bbffead02cf53c9c7dc9428d12
ruby-rack_2.0.7-2ubuntu0.1.dsc 2.3 KiB ce41a7dfcce610c65ed8938ca7fc735cbfd8be6578223a34da56a59030f62aa5

View changes file

Binary packages built by this source

ruby-rack: modular Ruby webserver interface

 Rack provides a minimal, modular and adaptable interface for developing
 web applications in Ruby. By wrapping HTTP requests and responses in
 the simplest way possible, it unifies and distills the API for web
 servers, web frameworks, and software in between (the so-called
 middleware) into a single method call.
 .
 Also see http://rack.github.io/.