From mboxrd@z Thu Jan 1 00:00:00 1970 Delivered-To: chneukirchen@gmail.com Received: by 10.49.85.105 with SMTP id g9csp107805qez; Thu, 7 Feb 2013 19:13:32 -0800 (PST) Return-Path: Received-SPF: pass (google.com: domain of rack-core+bncBD75LW742ECRBXG22GEAKGQEKNPEUBA@googlegroups.com designates 10.50.159.197 as permitted sender) client-ip=10.50.159.197 Authentication-Results: mr.google.com; spf=pass (google.com: domain of rack-core+bncBD75LW742ECRBXG22GEAKGQEKNPEUBA@googlegroups.com designates 10.50.159.197 as permitted sender) smtp.mail=rack-core+bncBD75LW742ECRBXG22GEAKGQEKNPEUBA@googlegroups.com; dkim=pass header.i=@googlegroups.com X-Received: from mr.google.com ([10.50.159.197]) by 10.50.159.197 with SMTP id xe5mr5744846igb.3.1360293212777 (num_hops = 1); Thu, 07 Feb 2013 19:13:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20120806; h=x-received:mime-version:x-beenthere:x-received:x-received :received-spf:x-received:message-id:date:from:to:subject :x-original-sender:x-original-authentication-results:reply-to :precedence:mailing-list:list-id:x-google-group-id:list-post :list-help:list-archive:sender:list-unsubscribe:content-type :content-transfer-encoding; bh=anI4q8X7IFcEQGS4Sers6CBcgONJgQ16YW+MVu3bFxQ=; b=RkV5/wyre7RHJLCDsegPAzy0aUqSYZop/UE5PAX3TACaqDxWBrKUCXvnGhrPpDx2pP 4U7RzPkJkGLO/B5bufHNzRS3pyx0ejwHSqrRGoZLfU+YhK21l07wvLUgoJIF7UXPMQpg VQWmhRmoHvg+kQup8tE2raZpP1wo8vbMV4b5ttYJNicH/RduKMBQJwjF+10t9DuTz6RS rTJb9iAav8tpEXKtc3NFJS4PUUZnJ/pTY81E/XvXfdWZvxqmP9EZ59MJabRaTXGZvx+f Ty8hTii8otwb6nYYwR8+UFX4wauiVD/g6UTn5X+fgHy80gMy3dRHyct6XfesrtmJ0H5G SYfQ== X-Received: by 10.50.159.197 with SMTP id xe5mr965867igb.3.1360293212612; Thu, 07 Feb 2013 19:13:32 -0800 (PST) MIME-Version: 1.0 X-BeenThere: rack-core@googlegroups.com Received: by 10.50.217.164 with SMTP id oz4ls497860igc.26.canary; Thu, 07 Feb 2013 19:13:32 -0800 (PST) X-Received: by 10.42.168.1 with SMTP id u1mr2634121icy.8.1360293212359; Thu, 07 Feb 2013 19:13:32 -0800 (PST) X-Received: by 10.42.168.1 with SMTP id u1mr2634119icy.8.1360293212347; Thu, 07 Feb 2013 19:13:32 -0800 (PST) Received: from mail-ia0-x231.google.com (mail-ia0-x231.google.com [2607:f8b0:4001:c02::231]) by gmr-mx.google.com with ESMTPS id j19si666946iga.2.2013.02.07.19.13.32 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 07 Feb 2013 19:13:32 -0800 (PST) Received-SPF: pass (google.com: domain of jftucker@gmail.com designates 2607:f8b0:4001:c02::231 as permitted sender) client-ip=2607:f8b0:4001:c02::231; Received: by mail-ia0-x231.google.com with SMTP id h8so3725131iaa.22 for ; Thu, 07 Feb 2013 19:13:32 -0800 (PST) X-Received: by 10.50.187.230 with SMTP id fv6mr19304758igc.48.1360293212225; Thu, 07 Feb 2013 19:13:32 -0800 (PST) Received: from localhost ([216.239.55.209]) by mx.google.com with ESMTPS id ww6sm12217610igb.2.2013.02.07.19.13.25 (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 07 Feb 2013 19:13:25 -0800 (PST) Message-ID: <51146d55.c69e320a.1e98.ffffbdd4@mx.google.com> Date: Thu, 07 Feb 2013 19:13:25 -0800 (PST) From: jftucker@gmail.com To: ruby-talk@ruby-lang.org, rack-devel@googlegroups.com, rack-core@googlegroups.com Subject: [SEC][ANN] Rack 1.4.5, a modular Ruby webserver interface X-Original-Sender: jftucker@gmail.com X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of jftucker@gmail.com designates 2607:f8b0:4001:c02::231 as permitted sender) smtp.mail=jftucker@gmail.com; dkim=pass header.i=@gmail.com Reply-To: rack-core@googlegroups.com Precedence: list Mailing-list: list rack-core@googlegroups.com; contact rack-core+owners@googlegroups.com List-ID: X-Google-Group-Id: 504757074975 List-Post: , List-Help: , List-Archive: Sender: rack-core@googlegroups.com List-Unsubscribe: , Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, Today we are proud to announce the release of Rack 1.4.5. =3D Rack, a modular Ruby webserver interface=20 Rack provides a minimal, modular and adaptable interface for developing web= applications in Ruby. By wrapping HTTP requests and responses in the simp= lest way possible, it unifies and distills the API for web servers, web fra= meworks, and software in between (the so-called middleware) into a single m= ethod call. The exact details of this are described in the Rack specification, which al= l Rack applications should conform to.=20 =3D=3D Changes * February 7th, Thirty fifth public release 1.4.5 * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie * Fix CVE-2013-0262, symlink path traversal in Rack::File =3D=3D Where can I get it?=20 You can download Rack at=20 http://chneukirchen.org/releases/rack-1.4.5.tar.gz (upload pendin= g at time of writing) http://rubyforge.org/projects/rack Alternatively, you can checkout from the development repository with: git clone git://github.com/rack/rack.git cd rack && git checkout rack-1.4 # for this release Happy hacking and have a nice day, James Tucker on behalf of the Rack Core Team. 8550ba6b308d8a3439f79c51520d8ecd48d26019 rack-1.4.5.tar.gz 2bfd9337cde2ad1dfdf14abfa8cee00b963e91cb rack-1.4.5.gem -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (Darwin) iQEcBAEBAgAGBQJRFG1UAAoJELphsezQxofDXJ0H/3rEcU4AWycD0HJ0oWbuvlwC m9giSquFr+bIHbU4Y6MbR3SuanqSLtmhcu4N5oViVyK9t8N2ii+nLVh7pFig707q gy8JWTTvOWAyOxnl+isPixv3hM5je+lbd+vBHUGXhU/tHbov40WFTbhao5G39vHz 97X0s4Oy/XpM56SGkGblKgYFZEmQNSZJ9c/O26leZSXFawiOvrIgk6n9qkA06PFL RAqehAZ3MeMSz3zo91ZPC50rW8HgVgXYQiK5nC51sRoxnmHz1nX/HfQViiaD8TZ6 Rp8AqAjU/aDwXZz+f4TsyUpijc7FGiAWaNBhrA+QRUExv+aCG8StMRubtfpKCJs=3D =3DT60T -----END PGP SIGNATURE----- --=20 ---=20 You received this message because you are subscribed to the Google Groups "= Rack Core team" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to rack-core+unsubscribe@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.