Lucene search
4 matches found

Debian
added 2025/03/25 7:30 p.m. | 8 views

[SECURITY] [DSA 5886-1] ruby-rack security update

Debian Security Advisory DSA-5886-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 25, 2025 https://www.debian.org/security/faq -...

CVSS 7.5 | AI score 7.6 | EPSS 0.01095
Exploits: 1
OSV
added 2020/07/31 11:25 p.m. | 9 views

MGASA-2020-0306 Updated ruby-rack packages fix security vulnerability

A reliance on cookies without validation/integrity check security vulnerability exists in rack 2.2.3 that makes it possible for an attacker to forge a secure or host-only cookie prefix (CVE-2020-8184)...

CVSS 7.5 | AI score 6.4 | EPSS 0.02938
Exploits: 1 | References: 3
OSV
added 2020/06/10 10:57 p.m. | 8 views

MGASA-2020-0252 Updated ruby-rack packages fix security vulnerability

Updated ruby-rack packages fix security vulnerabilities: There's a possible information leak / session hijack vulnerability in RackRubyGem rack. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a...

CVSS 8.6 | AI score 6.4 | EPSS 0.03687
Exploits: 0 | References: 6
Debian
added 2018/11/21 1:27 p.m. | 226 views

[SECURITY] [DLA 1585-1] ruby-rack security update

Package : ruby-rack
Version : 1.5.2-3+deb8u2
CVE ID : CVE-2018-16471
Debian Bug : 913005

It was discovered that there was an XSS vulnerability in the ruby-rack web-server library. A malicious request could impact the HTTP/HTTPS scheme being returned to the underlying application. For Debian 8...

CVSS 6.1 | AI score 6.2 | EPSS 0.01816
Exploits: 0