---
- branch: MAIN
  date: Thu Jan 19 14:18:26 UTC 2023
  files:
  - new: '1.33'
    old: '1.32'
    path: pkgsrc/www/ruby-rack/Makefile
    pathrev: pkgsrc/www/ruby-rack/Makefile@1.33
    type: modified
  - new: '1.31'
    old: '1.30'
    path: pkgsrc/www/ruby-rack/distinfo
    pathrev: pkgsrc/www/ruby-rack/distinfo@1.31
    type: modified
  id: 20230119T141826Z.8eaaa0454ea8cf77dcf583d3bf132af6a73fff86
  log: |
    www/ruby-rack: update to 3.0.4.1

    3.0.4 (2023-01-17)

    * Rack::Request#POST should consistently raise errors.  Cache errors that
      occur when invoking Rack::Request#POST so they can be raised again later.
      (#2010, @ioquatix)

    * Fix Rack::Lint error message for HTTP_CONTENT_TYPE and
      HTTP_CONTENT_LENGTH.  (#2007, @byroot)

    * Extend Rack::MethodOverride to handle QueryParser::ParamsTooDeepError
      error.  (#2006, @byroot)

    3.0.4.1 (2023-01-17)

    * [CVE-2022-44571] Fix ReDoS vulnerability in multipart parser
    * [CVE-2022-44570] Fix ReDoS in Rack::Utils.get_byte_ranges
    * [CVE-2022-44572] Forbid control characters in attributes (also ReDoS)
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/ruby-rack'
  unixtime: '1674137906'
  user: taca