-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 20 Nov 2018 10:10:14 +0100 Source: ruby-rack Binary: ruby-rack Built-For-Profiles: nocheck Architecture: source all Version: 1.6.4-4+deb9u1 Distribution: stretch Urgency: medium Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: ruby-rack - modular Ruby webserver interface Closes: 913005 Changes: ruby-rack (1.6.4-4+deb9u1) stretch; urgency=medium . * CVE-2018-16471: Prevent a possible XSS vulnerability where a malicious request could impact the HTTP/HTTPS scheme returned to the underlying application. (Closes: #913005) Checksums-Sha1: 25032a6865e6b5ca28368108772f42e9c063a8cc 2271 ruby-rack_1.6.4-4+deb9u1.dsc 9a72f441c920e6698133eb2fb8c6f9762220096c 6776 ruby-rack_1.6.4-4+deb9u1.debian.tar.xz 6f479f2feceb67ab0bc96db82edc2cb7f2fac614 88602 ruby-rack_1.6.4-4+deb9u1_all.deb 25c475a4a71fa05c61745c680048d00298a5fa3d 7079 ruby-rack_1.6.4-4+deb9u1_amd64.buildinfo Checksums-Sha256: 41142ffdfd57589a1f928a1117bce26752e3150434e675ab9e26685c2137f26b 2271 ruby-rack_1.6.4-4+deb9u1.dsc 67f38992d2ddddd7110cc5cecf363661f720221e91c25de79a75e1ca23d86060 6776 ruby-rack_1.6.4-4+deb9u1.debian.tar.xz 3202b81ba94aea5da8a2ef45ec3118bf6754692c4c0e5e3b60c42e3a2f3bc1b1 88602 ruby-rack_1.6.4-4+deb9u1_all.deb d943e22e25f064fe4e34d67b04277538f5131115234ae952de5fb9190afa6564 7079 ruby-rack_1.6.4-4+deb9u1_amd64.buildinfo Files: 678efcbdc5dcc8b271dbb9b51aa1ca4c 2271 ruby optional ruby-rack_1.6.4-4+deb9u1.dsc 423edc354bee70551915934b6fba8aae 6776 ruby optional ruby-rack_1.6.4-4+deb9u1.debian.tar.xz e116308c96a0d3e7acd6ea688d5fb684 88602 ruby optional ruby-rack_1.6.4-4+deb9u1_all.deb 0cbd60265e20328b2e8a0fa44aa1f0fb 7079 ruby optional ruby-rack_1.6.4-4+deb9u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlwhGQQACgkQHpU+J9Qx HljRAA//fzo9oYSvgOxmbpSkC0G6v3buywpYqe8Nta9vWk1+3vGs8bv7/eroQt5E Z64Nv4+uati3zvlDc5S8c+50BbA42edXP0pvtu4KlxJYmJ19Nk3LJOxP4KJ+r9zD XV03k2IMY8ib3fh8g2/g7jr334J8dD6T4tIPGDzeetcTtD37bcTC+f2Gx3+Q+ENm 7Klql6jOQJMsApyavyYuRc9hpQFAwZ8IlgqAke+WczXmHyL1QPvVdeI1IB9Ctz85 y25FnB2vICofhqo1eAhyUzL85k5w8raaEv8hWX6zpU3XVohBCZzl7O2FwQw7a4Ut wSKY5s0VrD4J/mU68bym5hV0NREYQRGI+r3eJCDY5lxJOWyZse+zwOlugIGQutxz mdSg0HqTVOHppbYYhb642d4bERz0ulHkvGblB94R0YqZ3KLL1LkZclzbutP4tqhN BEvbcYeecafgiENcd7gJZHi/RLQBXkcQKmihEvUcwcTwN/SLZYnLG30uB0qaL85D vkF1HVG47Gdr9hmBCBkHgMW4H0QINPrKt2E8gjsPKWdiA+QsPZpzfWUc5krOlV5H uKOwtMI9Ftdcjm26IebmOsBj9ZVsWRNrzxDYK9F9ygL0NNqqYJwa0RcXv37CZFEc WADHArDwrVR2gS1402ahKmDbMGut9cHVALHujHMgoy0k5jDSRqw= =LmSz -----END PGP SIGNATURE-----