From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <chneukirchen@gmail.com>
Received: from zorya.localdomain (001e643c5030.dfn.mwn.de [138.246.23.106])
 by mx.google.com with ESMTPS id x13sm220708fah.29.2011.07.14.09.34.42
 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 14 Jul 2011 09:34:42 -0700 (PDT)
Received: by zorya.localdomain (Postfix, from userid 1000) id D1A8EC1F62;
 Thu, 14 Jul 2011 18:34:47 +0200 (CEST)
From: James Tucker <chneukirchen@gmail.com>
To: Rack Development <rack-devel@googlegroups.com>
Subject: [ANN] [SECURITY] Rack 1.3.1, a modular Ruby webserver interface
Original-Sender: Christian Neukirchen <chneukirchen@gmail.com>
Date: Thu, 14 Jul 2011 18:34:47 +0200
Message-ID: <87y6006ct4.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

Hello,

Today we are proud to announce the release of Rack 1.3.1.
This release is a *security release*, fixing a denial of service
vector from MRI stdlib backport.

= Rack, a modular Ruby webserver interface

Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby.  By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between (the so-called middleware) into a single method call.
The exact details of this are described in the Rack specification, which all Rack applications should conform to.

== Changes

* July 13, 2011: Fifteenth public release 1.3.1
  * Fix 1.9.1 support
  * Fix JRuby support
  * Properly handle $KCODE in Rack::Utils.escape
  * Make method_missing/respond_to behavior consistent for Rack::Lock,
    Rack::Auth::Digest::Request and Rack::Multipart::UploadedFile
  * Reenable passing rack.session to session middleware
  * Rack::CommonLogger handles streaming responses correctly
  * Rack::MockResponse calls close on the body object
  * Fix a DOS vector from MRI stdlib backport

== Where can I get it?

You can download Rack 1.3.1 at
        http://chneukirchen.org/releases/rack-1.3.1.tar.gz
                  http://rubyforge.org/projects/rack

Alternatively, you can checkout from the development repository with:
    git clone git://github.com/rack/rack.git
    cd rack && git checkout rack-1.3   # for this release

Happy hacking and have a nice day,

        James Tucker
        on behalf of the Rack Core Team.

d0149b63b50b3c6b819ccabf6d93ce28f4de9db6  rack-1.3.1.tar.gz
a28af77f2538ab906dfe6233baaf27aef1e6b1a5  rack-1.3.1.gem