Releases: rack/rack
Releases · rack/rack
v3.0.9.1
What's Changed
- Fixed ReDoS in Accept header parsing [CVE-2024-26146]
- Fixed ReDoS in Content Type header parsing [CVE-2024-25126]
- Reject Range headers which are too large [CVE-2024-26141]
Full Changelog: v3.0.9...v3.0.9.1
v2.2.8.1
What's Changed
- Fixed ReDoS in Accept header parsing [CVE-2024-26146]
- Fixed ReDoS in Content Type header parsing [CVE-2024-25126]
- Reject Range headers which are too large [CVE-2024-26141]
Full Changelog: v2.2.8...v2.2.8.1
v2.1.4.4
What's Changed
- Fixed ReDoS in Accept header parsing [CVE-2024-26146]
Full Changelog: v2.1.4.3...v2.1.4.4
v2.0.9.4
What's Changed
- Fixed ReDoS in Accept header parsing [CVE-2024-26146]
Full Changelog: v2.0.9.3...v2.0.9.4
v3.0.9
v2.2.8
What's Changed
- Limit file extension length of multipart tempfiles (2.2 backport) by @dentarg in #2075
- CHANGELOG: Add missing 2.2.7 by @tisba in #2081
- Update cookie.rb by @dchandekstark in #2092
- Prefer ubuntu-latest for testing. by @ioquatix in #2095
- Fix inefficient assert pattern in Rack::Lint [2-2-stable] by @skipkayhil in #2101
- Regenerate SPEC [2-2-stable] by @skipkayhil in #2102
New Contributors
- @tisba made their first contribution in #2081
- @dchandekstark made their first contribution in #2092
Full Changelog: v2.2.7...v2.2.8
v3.0.8
What's Changed
- Backport "Fix some unused variable verbose warnings" by @skipkayhil in #2084
New Contributors
- @skipkayhil made their first contribution in #2084
Full Changelog: v3.0.7...v3.0.8
v2.2.7
What's Changed
- Correct the year number in the changelog by @kimulab in #2015
- Support underscore in host names for Rack 2.2 (Fixes #2070) by @jeremyevans in #2071
New Contributors
Full Changelog: v2.2.6.4...v2.2.7
v3.0.7
What's Changed
- Backport "Make query parameters without = have nil values". by @jeremyevans in #2060
Full Changelog: v3.0.6.1...v3.0.7
v3.0.6.1
tagging