Hello community, here is the log from the commit of package rubygem-rack-1_1 for openSUSE:Factory checked in at 2013-02-11 15:14:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-rack-1_1 (Old) and /work/SRC/openSUSE:Factory/.rubygem-rack-1_1.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-rack-1_1", Maintainer is "" Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-rack-1_1/rubygem-rack-1_1.changes 2012-05-14 16:20:38.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-rack-1_1.new/rubygem-rack-1_1.changes 2013-02-11 15:14:10.000000000 +0100 @@ -1,0 +2,16 @@ +Mon Feb 11 08:19:08 UTC 2013 - adr...@suse.com + +- updated to version 1.1.6 + * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie + * Fix CVE-2013-0262, symlink path traversal in Rack::File + +- from 1.1.5: + * [SEC] Rack::Auth::AbstractRequest no longer symbolizes arbitrary strings + * Fixed erroneous test case in the 1.3.x series + +------------------------------------------------------------------- +Wed Jan 9 09:57:54 UTC 2013 - adr...@suse.de + +- update to version 1.1.4 + +------------------------------------------------------------------- Old: ---- rack-1.1.2.gem New: ---- rack-1.1.6.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-rack-1_1.spec ++++++ --- /var/tmp/diff_new_pack.i4IqJ5/_old 2013-02-11 15:14:12.000000000 +0100 +++ /var/tmp/diff_new_pack.i4IqJ5/_new 2013-02-11 15:14:12.000000000 +0100 @@ -17,7 +17,7 @@ Name: rubygem-rack-1_1 -Version: 1.1.2 +Version: 1.1.6 Release: 0 # %define mod_name rack -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
