Revisions of rubygem-rack
buildservice-autocommit
accepted
request 1152360
from
Dan Čermák (dancermak)
(revision 70)
baserev update by copy to link target
Dan Čermák (dancermak)
accepted
request 1152288
from
Petr Gajdos (pgajdos)
(revision 69)
- version update to 3.0.9.1 * Fixed ReDoS in Accept header parsing [CVE-2024-26146][bsc#1220248] * Fixed ReDoS in Content Type header parsing [CVE-2024-25126][bsc#1220239] * Reject Range headers which are too large [CVE-2024-26141][bsc#1220242] * Fix content-length calcuation in Rack:Response#write #2150
buildservice-autocommit
accepted
request 1126277
from
Dan Čermák (dancermak)
(revision 68)
baserev update by copy to link target
Dan Čermák (dancermak)
accepted
request 1126128
from
Dan Čermák (defolos)
(revision 67)
🤖: Automatic update to 3.0.8
buildservice-autocommit
accepted
request 1073283
from
Dan Čermák (dancermak)
(revision 66)
baserev update by copy to link target
Dan Čermák (dancermak)
accepted
request 1073246
from
Petr Gajdos (pgajdos)
(revision 65)
[CVE-2023-27539] Avoid ReDoS in header parsing [bsc#1209503]
Dan Čermák (dancermak)
accepted
request 1073136
from
Petr Gajdos (pgajdos)
(revision 64)
- version update to 3.0.7 [3.0.7] - 2023-03-16 Make query parameters without = have nil values. (#2059, @jeremyevans) [3.0.6.1] - 2023-03-13 [CVE-2023-27539] Avoid ReDoS in header parsing [3.0.6] - 2023-03-13 Add QueryParser#missing_value for handling missing values + tests. (#2052, @ioquatix) [3.0.5] - 2023-03-13 Split form/query parsing into two steps. (#2038, @matthewd)
buildservice-autocommit
accepted
request 1070412
from
Dan Čermák (dancermak)
(revision 63)
baserev update by copy to link target
Dan Čermák (dancermak)
accepted
request 1070409
from
Petr Gajdos (pgajdos)
(revision 62)
- version update to 3.0.4.2 * rack.input is now optional, and if missing, will raise an error. Use this to fail on multipart parsing a request without an input body. (#2018, @ioquatix) * Introduce module Rack::BadRequest which is included in multipart and query parser errors. (#2019, @ioquatix) * MIME type for JavaScript files (.js) changed from application/javascript to text/javascript (1bd0f15) * fixes CVE-2023-27530 [bsc#1209095]
buildservice-autocommit
accepted
request 1060387
from
Marcus Rueckert (darix)
(revision 61)
baserev update by copy to link target
Marcus Rueckert (darix)
accepted
request 1059973
from
Hendrik Vogelsang (hennevogel)
(revision 60)
updated to version 3.0.4.1 [CVE-2022-44571] Fix ReDoS vulnerability in multipart parser [CVE-2022-44570] Fix ReDoS in Rack::Utils.get_byte_ranges [CVE-2022-44572] Forbid control characters in attributes (also ReDoS) For more detailed information see the installed CHANGELOG.md
buildservice-autocommit
accepted
request 1042654
from
Factory Maintainer (factory-maintainer)
(revision 59)
baserev update by copy to link target
buildservice-autocommit
accepted
request 1009562
from
Stephan Kulow (coolo)
(revision 57)
baserev update by copy to link target
buildservice-autocommit
accepted
request 987856
from
Manuel Schnitzer (mschnitzer)
(revision 55)
baserev update by copy to link target
Manuel Schnitzer (mschnitzer)
accepted
request 987845
from
Manuel Schnitzer (mschnitzer)
(revision 54)
update
buildservice-autocommit
accepted
request 980341
from
Factory Maintainer (factory-maintainer)
(revision 53)
baserev update by copy to link target
Marcus Rueckert (darix)
accepted
request 979848
from
Hendrik Vogelsang (hennevogel)
(revision 52)
- updated to version 2.2.3.1 [CVE-2022-30123] Fix shell escaping issue in Common Logger [CVE-2022-30122] Restrict parsing of broken MIME attachments
buildservice-autocommit
accepted
request 815944
from
Hendrik Vogelsang (hennevogel)
(revision 51)
baserev update by copy to link target
Displaying revisions 1 - 20 of 70