Aaron Patterson reports:
The Multipart MIME parsing code in Rack limits the number
of file parts, but does not limit the total number of
parts that can be uploaded. Carefully crafted requests can
abuse this and cause multipart parsing to take longer than
expected.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | rubygem-rack | <Â 3.0.4.2,3 | UNKNOWN |
FreeBSD | any | noarch | rubygem-rack22 | <Â 2.2.6.3,3 | UNKNOWN |
FreeBSD | any | noarch | rubygem-rack16 | <Â 1.6.14 | UNKNOWN |