UbuntuUpdates.org

Package "ruby-rack-session"

Name: ruby-rack-session

Description: Session management implementation for Rack

Latest version: 2.1.1-0.1ubuntu0.1
Release: questing (25.10)
Level: updates
Repository: main
Homepage: https://github.com/rack/rack-session

Other versions of "ruby-rack-session" in Questing

Repository Area Version
base main 2.1.1-0.1
security main 2.1.1-0.1ubuntu0.1

Changelog

Version: 2.1.1-0.1ubuntu0.1 2026-04-20 18:08:15 UTC

  ruby-rack-session (2.1.1-0.1ubuntu0.1) questing-security; urgency=medium

  * SECURITY UPDATE: Acceptance of unencrypted cookie when decryption fails.
    - debian/patches/CVE-2026-39324.patch: Add encryptors.empty? check in
      lib/rack/session/cookie.rb. Add tests in test/spec_session_cookie.rb.
    - CVE-2026-39324

 -- Hlib Korzhynskyy <email address hidden> Thu, 16 Apr 2026 14:40:31 -0230

CVE-2026-39324 Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failu


