File rubygem-rack-1_2.changes of Package rubygem-rack-1_2.openSUSE_12.2_Update

-------------------------------------------------------------------
Wed Feb 13 16:57:58 UTC 2013 - mrueckert@suse.de

- update to 1.2.8 (bnc#802794)
  * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie

-------------------------------------------------------------------
Thu Jan 17 13:31:18 UTC 2013 - mrueckert@suse.de

- update to 1.2.7 (bnc#798452)
  * [SEC] Rack::Auth::AbstractRequest no longer symbolizes
    arbitrary strings
- additional changes from 1.2.6
  * Add warnings when users do not provide a session secret
  * Fix parsing performance for unquoted filenames
- additional changes from 1.2.4
  * Fix a bug with MRI regex engine to prevent XSS by malformed
    unicode

-------------------------------------------------------------------
Fri Jun 17 14:11:39 UTC 2011 - mrueckert@suse.de

- initial package of the 1.2 branch (1.2.3)

openSUSE Build Service is sponsored by