ruby-rack-cors (0.4.0-1+deb9u2build0.16.04.1) xenial-security; urgency=medium
* fake sync from Debian
ruby-rack-cors (0.4.0-1+deb9u2) stretch-security; urgency=high
* Non-maintainer upload by the LTS team.
* Fix CVE-2019-18978: This package allowed ../ directory traversal
to access private resources because resource matching did not
ensure that pathnames were in a canonical format.
Date: 2020-10-05 17:51:13.141017+00:00
Changed-By: Mike Salvatore <mike.salvat...@canonical.com>
https://launchpad.net/ubuntu/+source/ruby-rack-cors/0.4.0-1+deb9u2build0.16.04.1
Sorry, changesfile not available.
--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes