Format: 1.8
Date: Tue, 06 Aug 2019 11:20:40 -0300
Source: ruby-rack
Binary: ruby-rack
Architecture: all
Version: 1.6.4-4ubuntu0.1
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy01-amd64-003.buildd>
Changed-By: Eduardo Barretto <eduardo.barretto@canonical.com>
Description:
 ruby-rack  - modular Ruby webserver interface
Changes:
 ruby-rack (1.6.4-4ubuntu0.1) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: Crafted requests can impact the data returned by the scheme
     method on Rack::Request leading to an XSS attack.
     - debian/patches/CVE-2018-16471.patch: whitelist http/https schemes.
     - CVE-2018-16471
Checksums-Sha1:
 7222907dfe39a0c4846ff789aef5e09c4c3416f7 81396 ruby-rack_1.6.4-4ubuntu0.1_all.deb
 9296e54439b2570c34970fd7dfed12d7ec472df0 6441 ruby-rack_1.6.4-4ubuntu0.1_amd64.buildinfo
Checksums-Sha256:
 ff79c44bf346b0904b54a43b3495c3f6b3eee5b5ea30c8b568b1ae98e50b23bb 81396 ruby-rack_1.6.4-4ubuntu0.1_all.deb
 ebcbb4affebcf267a780cf6783fe07da3dff477fe65f2c0b146b24c88b56d61b 6441 ruby-rack_1.6.4-4ubuntu0.1_amd64.buildinfo
Files:
 03cc044be66edc3f0b6748d91534c4ff 81396 ruby optional ruby-rack_1.6.4-4ubuntu0.1_all.deb
 a5d1815991a2a766be5345667e1298db 6441 ruby optional ruby-rack_1.6.4-4ubuntu0.1_amd64.buildinfo
Original-Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>