Package : librack-ruby
Version : 1.1.0-4+squeeze3
CVE ID : CVE-2015-3225
There is a potential denial of service vulnerability in Rack, a modular
Ruby webserver interface.
Carefully crafted requests can cause a SystemStackError
and cause a
denial of service attack by exploiting the lack of a sensible depth
check when doing parameter normalization.
We recommend that you update your librack-ruby packages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | librack-ruby | < 1.1.0-4+squeeze3 | librack-ruby_1.1.0-4+squeeze3_all.deb |
Debian | 6 | all | librack-ruby1.9.1 | < 1.1.0-4+squeeze3 | librack-ruby1.9.1_1.1.0-4+squeeze3_all.deb |
Debian | 6 | all | librack-ruby1.8 | < 1.1.0-4+squeeze3 | librack-ruby1.8_1.1.0-4+squeeze3_all.deb |