-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 13 May 2021 15:24:15 +0530 Source: ruby-rack-cors Binary: ruby-rack-cors Architecture: source all Version: 1.0.2-1+deb10u1 Distribution: buster-security Urgency: high Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org> Changed-By: Utkarsh Gupta <utkarsh@debian.org> Description: ruby-rack-cors - enable Cross-Origin Resource Sharing in Rack apps Closes: 944849 Changes: ruby-rack-cors (1.0.2-1+deb10u1) buster-security; urgency=high . * Unescape and resolve paths before resource checks. (Fixes: CVE-2019-18978) (Closes: #944849) Checksums-Sha1: bb7aec89d0af8cdb687767dba955808bdbe5f4e0 2144 ruby-rack-cors_1.0.2-1+deb10u1.dsc f525680c94392d5f223e2b0ca2f971b4cffa2ced 49170 ruby-rack-cors_1.0.2.orig.tar.gz 0604aa1ea8f6a224fdc36ce3aaf8349ad708ec80 4192 ruby-rack-cors_1.0.2-1+deb10u1.debian.tar.xz 214a5eedb52d34d5292499c4cf3e42e1a4ff5aeb 11036 ruby-rack-cors_1.0.2-1+deb10u1_all.deb c8d8046bb6ce33e282e67051c00ff5a153b8f299 9494 ruby-rack-cors_1.0.2-1+deb10u1_amd64.buildinfo Checksums-Sha256: 0d79bce9231a1decb488e4c2ad08cabbd5e5b60cfbd1e0fa5d4b211a70c14869 2144 ruby-rack-cors_1.0.2-1+deb10u1.dsc d035fe0d41f28f8955c826b20fc25b967688681ac0a6820030626dc55198cd8a 49170 ruby-rack-cors_1.0.2.orig.tar.gz 4f95b6d6a2e31708aadf33dea212ec16b69d570b6f951754c8c2207eaee566a6 4192 ruby-rack-cors_1.0.2-1+deb10u1.debian.tar.xz cfa785adde4250649ad298c899cfd69ca88e926118acf843c14e111055ca206b 11036 ruby-rack-cors_1.0.2-1+deb10u1_all.deb 28e27c4ad38a15d2292f1af53117e0835c098c2682d8d10e8faa4d320ff17168 9494 ruby-rack-cors_1.0.2-1+deb10u1_amd64.buildinfo Files: 07837358966a7dc2078153a75ce9db10 2144 ruby optional ruby-rack-cors_1.0.2-1+deb10u1.dsc 20cb389d338c21e44e886b29e600ff40 49170 ruby optional ruby-rack-cors_1.0.2.orig.tar.gz 6257663b225918c91990bffba3d522a8 4192 ruby optional ruby-rack-cors_1.0.2-1+deb10u1.debian.tar.xz bef2ba6bdb33efb79ecb16f8e9875447 11036 ruby optional ruby-rack-cors_1.0.2-1+deb10u1_all.deb 6ba8182ddbc7e9b8800077581a6894bc 9494 ruby optional ruby-rack-cors_1.0.2-1+deb10u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmCc+RkTHHV0a2Fyc2hA ZGViaWFuLm9yZwAKCRCCPpZ2BsNLlmG7EADBK2rw9No3UyFaFu8XPjO9riYvBujr CxPbnF5K5lL9AtgFNLB0d/qiXdkxrCCpTA+Dyk0nQXTL9uOwdq08f5SErmJz9kot vxECP8TlSCNMvlAwqQzYdRnsz7R8ejGjs+JkIN3HlP+ZowNqtRCN+uaVLh3Bff07 xoeoVZ4AdKcPUpjmeGzLJhuvniknZxPKfX0DfwZUJAvAxI1VTZ0neSiFwc7Sc3QI BTuj+cTNebZR1i6qh3tJO5RtupXN4HLwl4TJ/LLl2jRvxqitDVAu2oNd0/O9axtB PvzFJE1GnEIFfN1Owu2cFs9jQ/nKrOS40I0X71thZWLQdwsozSqdLMzLZNKLtgl0 Uu5TZxvFqheiup6Kw5axGri/czM5o/IgjrMwaOP3/QQqnw710skCa3Je8ttO7vC3 tAvxPqxW6AfDfq4AA9YD1cTXlvRcytF2k78Qy5W62SDDh89IxOlmX1KWB+UtcD6X Qeh9TZ5K/uwebPzhQVe1FHGbZR7A3U4hu/D6FlrAfRUGpO1HuPX15z0B+otx4e2M /zBDJNALnNlVEzBu8jTSHpIJfcq9INGQstcZcaTpkx4GZ7yedxF4Gah5GYhABcct MKi0JnjVtw20+EY+bN3xf1WdmvD1rELpTpORueJk1sT7fti2D/z1aU44GV8oSWz2 t0WLBu6bg/eMBA== =k1hT -----END PGP SIGNATURE-----