-
ruby-rack (2.0.7-2ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Directory traversal vulnerability.
- debian/patches/CVE-2020-8161.patch: Use Dir.entries instead of
Dir[glob] to prevent user-specified glob metacharacters.
- CVE-2020-8161
* SECURITY UPDATE: Cookie forgery.
- debian/patches/CVE-2020-8184.patch: When parsing cookies, only
decode the values.
- CVE-2020-8184
-- Eduardo Barretto <email address hidden> Thu, 01 Apr 2021 16:04:45 +0200
-
ruby-rack (2.0.7-2) unstable; urgency=medium
* Team upload
* Re-upload to unstable
* Add salsa-ci.yml
* Bump Standards-Version to 4.4.0
* Bump debhelper-compat to 12
-- Utkarsh Gupta <email address hidden> Tue, 03 Sep 2019 00:22:18 +0530
-
ruby-rack (2.0.6-3) unstable; urgency=medium
* Team upload.
* add Breaks: ruby-sinatra (<< 2), as ruby-sinatra 1.x does not work with
ruby-rack 2.
-- Antonio Terceiro <email address hidden> Fri, 11 Jan 2019 10:11:26 -0300