Bugs fixes in "ruby-rack"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2026-34835 | Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Request parses the Host hea | 2026-04-18 |
| CVE | CVE-2026-34831 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Files#fail sets the Content-Length response header us | 2026-04-18 |
| CVE | CVE-2026-34830 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Sendfile#map_accel_path interpolates the value of the | 2026-04-18 |
| CVE | CVE-2026-34829 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser only wraps the request body in a Bo | 2026-04-18 |
| CVE | CVE-2026-34827 | Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Multipart::Parser#handle_mi | 2026-04-18 |
| CVE | CVE-2026-34826 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Utils.get_byte_ranges parses the HTTP Range header wi | 2026-04-18 |
| CVE | CVE-2026-34786 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static#applicable_rules evaluates several header_rule | 2026-04-18 |
| CVE | CVE-2026-34785 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a request should be served | 2026-04-18 |
| CVE | CVE-2026-34763 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Directory interpolates the configured root path direc | 2026-04-18 |
| CVE | CVE-2026-34230 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Utils.select_best_encoding processes Accept-Encoding | 2026-04-18 |
| CVE | CVE-2026-32762 | Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21 and 3.2.0 to before 3.2.6, Rack::Utils.forwarded_values parse | 2026-04-18 |
| CVE | CVE-2026-26962 | Rack is a modular Ruby web server interface. From version 3.2.0 to before version 3.2.6, Rack::Multipart::Parser unfolds folded multipart part header | 2026-04-18 |
| CVE | CVE-2026-26961 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser extracts the boundary parameter fro | 2026-04-18 |
| CVE | CVE-2026-34831 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Files#fail sets the Content-Length response header us | 2026-04-16 |
| CVE | CVE-2026-34830 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Sendfile#map_accel_path interpolates the value of the | 2026-04-16 |
| CVE | CVE-2026-34829 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser only wraps the request body in a Bo | 2026-04-16 |
| CVE | CVE-2026-34826 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Utils.get_byte_ranges parses the HTTP Range header wi | 2026-04-16 |
| CVE | CVE-2026-34786 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static#applicable_rules evaluates several header_rule | 2026-04-16 |
| CVE | CVE-2026-34785 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a request should be served | 2026-04-16 |
| CVE | CVE-2026-34763 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Directory interpolates the configured root path direc | 2026-04-16 |
About
-
Send Feedback to @ubuntu_updates
