Package "ruby-rack"

Name:	ruby-rack
Description:	modular Ruby webserver interface
Latest version:	2.2.7-1.1ubuntu0.1
Release:	oracular (24.10)
Level:	updates
Repository:	main
Homepage:	https://rack.github.io/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "ruby-rack"

All arch deb package

APT INSTALL

Other versions of "ruby-rack" in Oracular

Repository	Area	Version
base	main	2.2.7-1.1
security	main	2.2.7-1.1ubuntu0.1

Changelog

Version: 2.2.7-1.1ubuntu0.1 2025-03-25 09:07:08 UTC

ruby-rack (2.2.7-1.1ubuntu0.1) oracular-security; urgency=medium * SECURITY UPDATE: injection vulnerabilities - debian/patches/CVE-2025-25184.patch: Escape non-printable characters when logging. - debian/patches/CVE-2025-27111.patch: Use `#inspect` to prevent log injection. - CVE-2025-25184 - CVE-2025-27111 * SECURITY UPDATE: path traversal vulnerability - debian/patches/CVE-2025-27610.patch: Use a fully resolved file path when confirming if a file can be served by `Rack::Static`. - CVE-2025-27610 -- Shishir Subedi <email address hidden> Fri, 14 Mar 2025 13:51:48 +0545

CVE-2025-25184	Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited
CVE-2025-27111	Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacke
CVE-2025-27610	Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, `Rack::Static` can serve files unde

About - Send Feedback to @ubuntu_updates

Package "ruby-rack"

Links

Download "ruby-rack"

Other versions of "ruby-rack" in Oracular

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

security

PPA updates