Debian Package Tracker
Register | Log in
Subscribe

ruby-rack-session

Session management implementation for Rack

Choose email to subscribe with

general
  • source: ruby-rack-session (main)
  • version: 2.1.2-2
  • maintainer: Debian Ruby Extras Maintainers (archive) (DMD)
  • uploaders: Lucas Kanashiro [DMD] – Utkarsh Gupta [DMD]
  • arch: all
  • std-ver: 4.7.4
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • stable: 2.1.1-0.1
  • testing: 2.1.2-2
  • unstable: 2.1.2-2
versioned links
  • 2.1.1-0.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.1.2-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • ruby-rack-session
action needed
The VCS repository is not up to date, push the missing commits. high
vcswatch reports that this package has been uploaded into the archive but the debian/changelog in the VCS is still UNRELEASED. You should consider pushing the missing commits or updating the VCS.
Created: 2026-07-04 Last update: 2026-07-13 07:33
1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:
  • CVE-2026-39324: Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls back to a default decoder instead of rejecting the cookie. This allows an unauthenticated attacker to supply a crafted session cookie that is accepted as valid session data without knowledge of any configured secret. Because this mechanism is used to load session state, an attacker can manipulate session contents and potentially gain unauthorized access. This vulnerability is fixed in 2.1.2.
Created: 2026-04-07 Last update: 2026-07-07 04:31
news
[rss feed]
  • [2026-07-07] ruby-rack-session 2.1.2-2 MIGRATED to testing (Debian testing watch)
  • [2026-07-04] Accepted ruby-rack-session 2.1.2-2 (source) into unstable (Simon Quigley)
  • [2026-07-03] ruby-rack-session 2.1.2-1 MIGRATED to testing (Debian testing watch)
  • [2026-06-29] Accepted ruby-rack-session 2.1.2-1 (source) into unstable (Simon Quigley)
  • [2026-05-18] ruby-rack-session 2.1.1-0.2 MIGRATED to testing (Debian testing watch)
  • [2026-05-09] Accepted ruby-rack-session 2.1.1-0.2 (source) into unstable (Adrian Bunk)
  • [2025-07-17] ruby-rack-session 2.1.1-0.1 MIGRATED to testing (Debian testing watch)
  • [2025-07-15] Accepted ruby-rack-session 2.1.1-0.1 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
  • [2025-06-13] Accepted ruby-rack-session 2.1.0-2~exp1 (source) into experimental (Gabriel Ferreira de Souza Araujo) (signed by: Lucas Kanashiro)
  • [2025-03-11] ruby-rack-session 2.1.0-1 MIGRATED to testing (Debian testing watch)
  • [2025-03-08] Accepted ruby-rack-session 2.1.0-1 (source) into unstable (Utkarsh Gupta)
  • [2025-02-12] ruby-rack-session 2.0.0-3 MIGRATED to testing (Debian testing watch)
  • [2025-01-30] Accepted ruby-rack-session 2.0.0-3 (source) into unstable (Utkarsh Gupta)
  • [2025-01-28] Accepted ruby-rack-session 2.0.0-2 (source) into unstable (Utkarsh Gupta)
  • [2025-01-09] Accepted ruby-rack-session 2.0.0-1+exp1 (source) into experimental (Cédric Boutillier)
  • [2023-06-27] Accepted ruby-rack-session 2.0.0-1 (source) into unstable (Lucas Kanashiro)
  • [2022-11-11] Accepted ruby-rack-session 0.3.0-1 (source all) into unstable (Debian FTP Masters) (signed by: Lucas Kanashiro)
bugs [bug history graph]
  • all: 0
links
  • homepage
  • lintian
  • buildd: logs, reproducibility
  • popcon
  • browse source code
  • other distros
  • security tracker
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 2.1.2-2

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing