Aaron Patterson
Nov 5, 2018, 3:18:28 PM
to rubyonra...@googlegroups.com, rubyonra...@googlegroups.com, ruby...@ruby-lang.org, rack...@googlegroups.com
Hi everyone,
Rack versions 1.6.11 and 2.0.6 have been released. Both of these releases
contain important security fixes, and you should upgrade!
Rack version 1.6.11 contains fixes for:
* [CVE-2018-16470] Possible DoS vulnerability in Rack
* [CVE-2018-16471] Possible XSS vulnerability in Rack
Rack version 2.0.6 contains a fix for:
* [CVE-2018-16470] Possible DoS vulnerability in Rack
The gem checksums are:
```
$ sha1sum *
64a0cd32f46c0ff44ffda4055048fe6309903110 rack-1.6.11.gem
b15267e1f94e69238a00a6f1bd48fb7683c03a78 rack-2.0.6.gem
```
You can read more about CVE-2018-16470 here:
https://groups.google.com/forum/#!topic/ruby-security-ann/Dz4sRl-ktKk
You can read more about CVE-2018-16471 here:
https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o
Thanks for reading and have a good day!
--
Aaron Patterson
http://tenderlovemaking.com/