Google Groups

[SEC][ANN] Rack 1.3.10, a modular Ruby webserver interface


raggi Feb 7, 2013 7:11 PM
Posted in group: Rack Development
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

Today we are proud to announce the release of Rack 1.3.10.

= Rack, a modular Ruby webserver interface

Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby.  By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
The exact details of this are described in the Rack specification, which all Rack applications should conform to.

== Changes

* February 7th, Thirty fifth public release 1.1.6, 1.2.8, 1.3.10
  * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie

== Where can I get it?

You can download Rack at
        http://chneukirchen.org/releases/rack-1.3.10.tar.gz   (upload pending at time of writing)
                  http://rubyforge.org/projects/rack

Alternatively, you can checkout from the development repository with:
    git clone git://github.com/rack/rack.git
cd rack && git checkout rack-1.3   # for this release

Happy hacking and have a nice day,

James Tucker
on behalf of the Rack Core Team.

381c75b3d65114cd10b5bc5e7ca1d6206806f794  rack-1.3.10.tar.gz
46087d924c059665cbf3040cd0c93c804fc52f7b  rack-1.3.10.gem
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (Darwin)

iQEcBAEBAgAGBQJRFGz3AAoJELphsezQxofDcdoIALJnNeRLlykgvNBVIsc0kaEJ
9Nwh46dkrL6DCuTYYcwmVjfR85N4X6GT6ckm9iBhEWNe2gKvFTvW1duG7sf3TdPQ
6xbzg5uJTNWYG4Q4a0ybRc6BpFwFaiKwKVhEefuus10COUV0inn+2ZoTyOn3EurH
i0oLBztjnuujlxc7rvGVcLzASVxYo5bNUIhv5qFhVxl5vFDkyI58kKXeOkyVdPML
jX0g7wTkQHzRWbONWHHIlD8SmRwNS7iFnJCNIM2RgHT58Rv+GQiR2MH4fWf0AMQ8
+hXB1JGpkc3lME6FfK5rsIbuBM3e0+GlDkKX4cNz2ZsBSNUZsW9lsrWLWHyvSJQ=
=moYr
-----END PGP SIGNATURE-----