Package "ruby-rack"

Name:	ruby-rack
Description:	modular Ruby webserver interface
Latest version:	2.2.7-1ubuntu0.1
Release:	noble (24.04)
Level:	security
Repository:	main
Homepage:	https://rack.github.io/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "ruby-rack"

All arch deb package

APT INSTALL

Other versions of "ruby-rack" in Noble

Repository	Area	Version
base	main	2.2.7-1
updates	main	2.2.7-1ubuntu0.1

Changelog

Version: 2.2.7-1ubuntu0.1 2024-06-17 15:07:14 UTC

ruby-rack (2.2.7-1ubuntu0.1) noble-security; urgency=medium * SECURITY UPDATE: DoS via crafted content type headers - debian/patches/CVE-2024-25126.patch: avoid 2nd degree polynomial regexp in MediaType in lib/rack/media_type.rb. - CVE-2024-25126 * SECURITY UPDATE: DoS via crafted Range headers - debian/patches/CVE-2024-26141.patch: return an empty array when ranges are too large in lib/rack/utils.rb, test/spec_utils.rb. - CVE-2024-26141 * SECURITY UPDATE: Dos via crafted headers - debian/patches/CVE-2024-26146.patch: fix ReDoS in header parsing in lib/rack/utils.rb. - CVE-2024-26146 -- Marc Deslauriers <email address hidden> Fri, 14 Jun 2024 13:15:36 -0400

CVE-2024-25126	Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expec
CVE-2024-26141	Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Respo
CVE-2024-26146	Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a p

About - Send Feedback to @ubuntu_updates

Package "ruby-rack"

Links

Download "ruby-rack"

Other versions of "ruby-rack" in Noble

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

security

PPA updates