Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package rubygem-rack for openSUSE:Factory 
checked in at 2022-07-08 14:03:21
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-rack (Old)
 and      /work/SRC/openSUSE:Factory/.rubygem-rack.new.1523 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "rubygem-rack"

Fri Jul  8 14:03:21 2022 rev:21 rq:987856 version:2.2.4

Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-rack/rubygem-rack.changes        
2022-06-01 17:35:50.170824044 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-rack.new.1523/rubygem-rack.changes      
2022-07-08 14:03:28.526556168 +0200
@@ -1,0 +2,8 @@
+Fri Jul  8 08:41:33 UTC 2022 - Manuel Schnitzer <mschnit...@suse.com>
+
+- updated to version 2.2.4
+
+  * Better support for lower case headers in `Rack::ETag` middleware. 
([#1919](https://github.com/rack/rack/pull/1919), 
[@ioquatix](https://github.com/ioquatix))
+  * Use custom exception on params too deep error. 
([#1838](https://github.com/rack/rack/pull/1838), 
[@simi](https://github.com/simi))
+
+-------------------------------------------------------------------

Old:
----
  rack-2.2.3.1.gem

New:
----
  rack-2.2.4.gem

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ rubygem-rack.spec ++++++
--- /var/tmp/diff_new_pack.adVMWw/_old  2022-07-08 14:03:28.862556568 +0200
+++ /var/tmp/diff_new_pack.adVMWw/_new  2022-07-08 14:03:28.866556573 +0200
@@ -24,7 +24,7 @@
 #
 
 Name:           rubygem-rack
-Version:        2.2.3.1
+Version:        2.2.4
 Release:        0
 %define mod_name rack
 %define mod_full_name %{mod_name}-%{version}

++++++ rack-2.2.3.1.gem -> rack-2.2.4.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md    2022-05-27 17:30:06.000000000 +0200
+++ new/CHANGELOG.md    2022-07-01 00:19:47.000000000 +0200
@@ -2,13 +2,22 @@
 
 All notable changes to this project will be documented in this file. For info 
on how to format all future additions to this file please reference [Keep A 
Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## [2.2.4] - 2022-06-30
+
+- Better support for lower case headers in `Rack::ETag` middleware. 
([#1919](https://github.com/rack/rack/pull/1919), 
[@ioquatix](https://github.com/ioquatix))
+- Use custom exception on params too deep error. 
([#1838](https://github.com/rack/rack/pull/1838), 
[@simi](https://github.com/simi))
+
 ## [2.2.3.1] - 2022-05-27
 
+### Security
+
 - [CVE-2022-30123] Fix shell escaping issue in Common Logger
 - [CVE-2022-30122] Restrict parsing of broken MIME attachments
 
 ## [2.2.3] - 2020-02-11
 
+### Security
+
 - [CVE-2020-8184] Only decode cookie values
 
 ## [2.2.2] - 2020-02-11
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/rack/etag.rb new/lib/rack/etag.rb
--- old/lib/rack/etag.rb        2022-05-27 17:30:06.000000000 +0200
+++ new/lib/rack/etag.rb        2022-07-01 00:19:47.000000000 +0200
@@ -26,6 +26,8 @@
     def call(env)
       status, headers, body = @app.call(env)
 
+      headers = Utils::HeaderHash[headers]
+
       if etag_status?(status) && etag_body?(body) && !skip_caching?(headers)
         original_body = body
         digest, new_body = digest_body(body)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/rack/lint.rb new/lib/rack/lint.rb
--- old/lib/rack/lint.rb        2022-05-27 17:30:06.000000000 +0200
+++ new/lib/rack/lint.rb        2022-07-01 00:19:47.000000000 +0200
@@ -48,10 +48,10 @@
 
       ## and returns an Array of exactly three values:
       ary = @app.call(env)
-      assert("response #{ary.inspect} is not an Array , but #{ary.class}") {
+      assert("response is not an Array, but #{ary.class}") {
         ary.kind_of? Array
       }
-      assert("response array #{ary.inspect} has #{ary.size} elements instead 
of 3") {
+      assert("response array has #{ary.size} elements instead of 3") {
         ary.size == 3
       }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/rack/query_parser.rb new/lib/rack/query_parser.rb
--- old/lib/rack/query_parser.rb        2022-05-27 17:30:06.000000000 +0200
+++ new/lib/rack/query_parser.rb        2022-07-01 00:19:47.000000000 +0200
@@ -16,6 +16,10 @@
     # sequence.
     class InvalidParameterError < ArgumentError; end
 
+    # ParamsTooDeepError is the error that is raised when params are 
recursively
+    # nested over the specified limit.
+    class ParamsTooDeepError < RangeError; end
+
     def self.make_default(key_space_limit, param_depth_limit)
       new Params, key_space_limit, param_depth_limit
     end
@@ -81,7 +85,7 @@
     # the structural types represented by two different parameter names are in
     # conflict, a ParameterTypeError is raised.
     def normalize_params(params, name, v, depth)
-      raise RangeError if depth <= 0
+      raise ParamsTooDeepError if depth <= 0
 
       name =~ %r(\A[\[\]]*([^\[\]]+)\]*)
       k = $1 || ''
@@ -168,7 +172,7 @@
 
       def []=(key, value)
         @size += key.size if key && !@params.key?(key)
-        raise RangeError, 'exceeded available parameter key space' if @size > 
@limit
+        raise ParamsTooDeepError, 'exceeded available parameter key space' if 
@size > @limit
         @params[key] = value
       end
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/rack/utils.rb new/lib/rack/utils.rb
--- old/lib/rack/utils.rb       2022-05-27 17:30:06.000000000 +0200
+++ new/lib/rack/utils.rb       2022-07-01 00:19:47.000000000 +0200
@@ -22,6 +22,9 @@
     COMMON_SEP = QueryParser::COMMON_SEP
     KeySpaceConstrainedParams = QueryParser::Params
 
+    RFC2822_DAY_NAME = [ 'Sun', 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat' ]
+    RFC2822_MONTH_NAME = [ 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 
'Aug', 'Sep', 'Oct', 'Nov', 'Dec' ]
+
     class << self
       attr_accessor :default_query_parser
     end
@@ -327,8 +330,8 @@
     # weekday and month.
     #
     def rfc2109(time)
-      wday = Time::RFC2822_DAY_NAME[time.wday]
-      mon = Time::RFC2822_MONTH_NAME[time.mon - 1]
+      wday = RFC2822_DAY_NAME[time.wday]
+      mon = RFC2822_MONTH_NAME[time.mon - 1]
       time.strftime("#{wday}, %d-#{mon}-%Y %H:%M:%S GMT")
     end
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/rack/version.rb new/lib/rack/version.rb
--- old/lib/rack/version.rb     2022-05-27 17:30:06.000000000 +0200
+++ new/lib/rack/version.rb     2022-07-01 00:19:47.000000000 +0200
@@ -20,7 +20,7 @@
     VERSION.join(".")
   end
 
-  RELEASE = "2.2.3.1"
+  RELEASE = "2.2.4"
 
   # Return the Rack release as a dotted string.
   def self.release
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata        2022-05-27 17:30:06.000000000 +0200
+++ new/metadata        2022-07-01 00:19:47.000000000 +0200
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack
 version: !ruby/object:Gem::Version
-  version: 2.2.3.1
+  version: 2.2.4
 platform: ruby
 authors:
 - Leah Neukirchen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-05-27 00:00:00.000000000 Z
+date: 2022-06-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: minitest

Reply via email to