Format: 1.8
Date: Tue, 06 Aug 2019 11:38:00 -0300
Source: ruby-rack
Binary: ruby-rack
Architecture: all
Version: 1.6.4-3ubuntu0.1
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-021.buildd>
Changed-By: Eduardo Barretto <eduardo.barretto@canonical.com>
Description:
 ruby-rack  - modular Ruby webserver interface
Changes:
 ruby-rack (1.6.4-3ubuntu0.1) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: Crafted requests can impact the data returned by the scheme
     method on Rack::Request leading to an XSS attack.
     - debian/patches/CVE-2018-16471.patch: whitelist http/https schemes.
     - CVE-2018-16471
Checksums-Sha1:
 69a1774d602e66b01d9235350e16460068cb72e7 81418 ruby-rack_1.6.4-3ubuntu0.1_all.deb
Checksums-Sha256:
 ea47f7733af57fe61d179ed8854d9b25240f6a85f408dced8da3bdc1fd7290dd 81418 ruby-rack_1.6.4-3ubuntu0.1_all.deb
Files:
 8e19a249cc67fca6abf488c594889fb7 81418 ruby optional ruby-rack_1.6.4-3ubuntu0.1_all.deb
Original-Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>