Aaron Patterson
2018-11-05 20:17:58 UTC
Hi everyone,
Rack versions 1.6.11 and 2.0.6 have been released. Both of these releases
contain important security fixes, and you should upgrade!
Rack version 1.6.11 contains fixes for:
* [CVE-2018-16470] Possible DoS vulnerability in Rack
* [CVE-2018-16471] Possible XSS vulnerability in Rack
Rack version 2.0.6 contains a fix for:
* [CVE-2018-16470] Possible DoS vulnerability in Rack
The gem checksums are:
```
$ sha1sum *
64a0cd32f46c0ff44ffda4055048fe6309903110 rack-1.6.11.gem
b15267e1f94e69238a00a6f1bd48fb7683c03a78 rack-2.0.6.gem
```
You can read more about CVE-2018-16470 here:
https://groups.google.com/forum/#!topic/ruby-security-ann/Dz4sRl-ktKk
You can read more about CVE-2018-16471 here:
https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o
Thanks for reading and have a good day!
--
Aaron Patterson
http://tenderlovemaking.com/