Updated ruby-rack packages fix CVE-2015-3225
Updated ruby-rack packages fix security vulnerability: lib/rack/utils.rb in Rack before 1.5.4 allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth (CVE-2015-3225)...
MGASA-2015-0346 Updated ruby-rack packages fix CVE-2015-3225
Updated ruby-rack packages fix security vulnerability: lib/rack/utils.rb in Rack before 1.5.4 allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth (CVE-2015-3225)...
[SECURITY] [DSA 3322-1] ruby-rack security update
Debian Security Advisory DSA-3322-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 31, 2015 https://www.debian.org/security/faq...
Debian DSA-3322-1 : ruby-rack - security update
Tomek Rabczak from the NCC Group discovered a flaw in the normalize_params method in Rack, a modular Ruby webserver interface. A remote attacker can use this flaw via specially crafted requests to cause a SystemStackError and potentially cause a denial of service condition for the service...
DSA-3322-1 ruby-rack - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3322-1)
The remote host is missing an update for the Debian...
openSUSE Security Update : RubyOnRails (openSUSE-SU-2013:0338-1)
The Ruby on Rails 2.3 stack was updated to 2.3.17. The Ruby on Rails 3.2 stack was updated to 3.2.12. The Ruby Rack was updated to 1.1.6. The Ruby Rack was updated to 1.2.8. The Ruby Rack was updated to 1.3.10. The Ruby Rack was updated to 1.4.5. The updates fix various security issues and bugs. ...
GLSA-201405-10 : Rack: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201405-10 (Rack: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Rack. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could possibly execute arbitrary code with...
MGASA-2014-0156 Updated ruby-rack-ssl packages fix CVE-2014-2538
Updated ruby-rack-ssl packages fix security vulnerabilities: Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters su...
FreeBSD : Ruby Rack Gem -- Multiple Issues (fcfdabb7-f14d-4e61-a7d5-cfefb4b99b15)
Rack developers report: Today we are proud to announce the release of Rack 1.4.5. Fix CVE-2013-0263, timing attack against Rack::Session::Cookie. Fix CVE-2013-0262, symlink path traversal in Rack::File...
GLSA-201203-05 : Rack: Denial of Service
The remote host is affected by the vulnerability described in GLSA-201203-05 (Rack: Denial of Service). Rack does not properly randomize hash functions to protect against hash collision attacks. Impact: A remote attacker could send a specially crafted form post, possibly resulting in a Denial of...