Hi everyone, Rack versions 1.6.11 and 2.0.6 have been released. Both of these releases contain important security fixes, and you should upgrade!
Rack version 1.6.11 contains fixes for: * [CVE-2018-16470] Possible DoS vulnerability in Rack * [CVE-2018-16471] Possible XSS vulnerability in Rack Rack version 2.0.6 contains a fix for: * [CVE-2018-16470] Possible DoS vulnerability in Rack The gem checksums are: ``` $ sha1sum * 64a0cd32f46c0ff44ffda4055048fe6309903110 rack-1.6.11.gem b15267e1f94e69238a00a6f1bd48fb7683c03a78 rack-2.0.6.gem ``` You can read more about CVE-2018-16470 here: https://groups.google.com/forum/#!topic/ruby-security-ann/Dz4sRl-ktKk You can read more about CVE-2018-16471 here: https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o Thanks for reading and have a good day! -- Aaron Patterson http://tenderlovemaking.com/ -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-core+unsubscr...@googlegroups.com. To post to this group, send email to rubyonrails-core@googlegroups.com. Visit this group at https://groups.google.com/group/rubyonrails-core. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: PGP signature
