Hi everyone,
Rack versions 1.6.11 and 2.0.6 have been released. Both of these releases contain important security fixes, and you should upgrade!
Rack version 1.6.11 contains fixes for:
* [CVE-2018-16470] Possible DoS vulnerability in Rack * [CVE-2018-16471] Possible XSS vulnerability in Rack
Rack version 2.0.6 contains a fix for:
* [CVE-2018-16470] Possible DoS vulnerability in Rack
The gem checksums are:
$ sha1sum *
64a0cd32f46c0ff44ffda4055048fe6309903110 rack-1.6.11.gem
b15267e1f94e69238a00a6f1bd48fb7683c03a78 rack-2.0.6.gem
You can read more about CVE-2018-16470 here:
You can read more about CVE-2018-16471 here:
Thanks for reading and have a good day!