UbuntuUpdates.org

Package "ruby-rack"

Name: ruby-rack

Description: modular Ruby webserver interface

Latest version: 2.0.7-2ubuntu0.1
Release: focal (20.04)
Level: updates
Repository: universe
Homepage: https://rack.github.io/

Other versions of "ruby-rack" in Focal

Repository Area Version
base universe 2.0.7-2
security universe 2.0.7-2ubuntu0.1

Changelog

Version: 2.0.7-2ubuntu0.1 2021-04-06 13:07:14 UTC

  ruby-rack (2.0.7-2ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Directory traversal vulnerability.
    - debian/patches/CVE-2020-8161.patch: Use Dir.entries instead of
      Dir[glob] to prevent user-specified glob metacharacters.
    - CVE-2020-8161
  * SECURITY UPDATE: Cookie forgery.
    - debian/patches/CVE-2020-8184.patch: When parsing cookies, only
      decode the values.
    - CVE-2020-8184

 -- Eduardo Barretto <email address hidden> Thu, 01 Apr 2021 16:04:45 +0200

CVE-2020-8161 A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker to perform directory traversal vulnerability in the Rack::Directory a
CVE-2020-8184 A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it possible for an


