Now
MAIN commitmail json YAML
www/ruby-rack: update to 3.0.4.1
3.0.4 (2023-01-17)
* Rack::Request#POST should consistently raise errors. Cache errors that
occur when invoking Rack::Request#POST so they can be raised again later.
(#2010, @ioquatix)
* Fix Rack::Lint error message for HTTP_CONTENT_TYPE and
HTTP_CONTENT_LENGTH. (#2007, @byroot)
* Extend Rack::MethodOverride to handle QueryParser::ParamsTooDeepError
error. (#2006, @byroot)
3.0.4.1 (2023-01-17)
* [CVE-2022-44571] Fix ReDoS vulnerability in multipart parser
* [CVE-2022-44570] Fix ReDoS in Rack::Utils.get_byte_ranges
* [CVE-2022-44572] Forbid control characters in attributes (also ReDoS)
3.0.4 (2023-01-17)
* Rack::Request#POST should consistently raise errors. Cache errors that
occur when invoking Rack::Request#POST so they can be raised again later.
(#2010, @ioquatix)
* Fix Rack::Lint error message for HTTP_CONTENT_TYPE and
HTTP_CONTENT_LENGTH. (#2007, @byroot)
* Extend Rack::MethodOverride to handle QueryParser::ParamsTooDeepError
error. (#2006, @byroot)
3.0.4.1 (2023-01-17)
* [CVE-2022-44571] Fix ReDoS vulnerability in multipart parser
* [CVE-2022-44570] Fix ReDoS in Rack::Utils.get_byte_ranges
* [CVE-2022-44572] Forbid control characters in attributes (also ReDoS)