[ubuntu/xenial-security] ruby-rack-cors 0.4.0-1+deb9u2build0.16.04.1 (Accepted)

Mike Salvatore Mon, 05 Oct 2020 11:14:16 -0700

ruby-rack-cors (0.4.0-1+deb9u2build0.16.04.1) xenial-security; urgency=medium


  * fake sync from Debian

ruby-rack-cors (0.4.0-1+deb9u2) stretch-security; urgency=high

  * Non-maintainer upload by the LTS team.
  * Fix CVE-2019-18978: This package allowed ../ directory traversal
    to access private resources because resource matching did not
    ensure that pathnames were in a canonical format.

Date: 2020-10-05 17:51:13.141017+00:00
Changed-By: Mike Salvatore <mike.salvat...@canonical.com>
https://launchpad.net/ubuntu/+source/ruby-rack-cors/0.4.0-1+deb9u2build0.16.04.1

Sorry, changesfile not available.

-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] ruby-rack-cors 0.4.0-1+deb9u2build0.16.04.1 (Accepted)

Reply via email to