-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 02 May 2024 23:39:36 +0300 Source: ruby-rack Binary: ruby-rack Architecture: all Version: 2.2.6.4-1+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Adrian Bunk Description: ruby-rack - modular Ruby webserver interface Closes: 1064516 Changes: ruby-rack (2.2.6.4-1+deb12u1) bookworm-security; urgency=medium . * Non-maintainer upload. * CVE-2024-25126: ReDoS in Content Type header parsing * CVE-2024-26141: Reject Range headers which are too large * CVE-2024-26146: ReDoS in Accept header parsing * Closes: #1064516 Checksums-Sha1: 62f02defad4f151b9a6ea8bd6a4494b6dae3e10f 9438 ruby-rack_2.2.6.4-1+deb12u1_all-buildd.buildinfo 50ba9112146e28e0c3fce6ea2786d4d6b5618f4a 132520 ruby-rack_2.2.6.4-1+deb12u1_all.deb Checksums-Sha256: a3a322778429a37ca847cb484328124c99a8ba1b2733c04a4cd0d78790316cff 9438 ruby-rack_2.2.6.4-1+deb12u1_all-buildd.buildinfo b7943ddbec90dc40bd9fc1176cbabf4e04b2aff8722c2041cc0fb0de8b747972 132520 ruby-rack_2.2.6.4-1+deb12u1_all.deb Files: 70457db5b6ecb8b6d3cfd2888d3784ce 9438 ruby optional ruby-rack_2.2.6.4-1+deb12u1_all-buildd.buildinfo aad02271a3522399d559745a74222521 132520 ruby optional ruby-rack_2.2.6.4-1+deb12u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEQsM0t1ygJv2xcx3e4cagXJhOTXsFAmZOQ1gACgkQ4cagXJhO TXvyQxAAsNNAw+NZgUKlwPRBB6Uf7ncHAeXE7p+c6cuYO83ItqgxjqfxuCK9muNS neaS+OKxYyG4Q+w9tiWTYXNNfd3+XygjMEepE0R695rYilWuOAxKmQ0aLs2eu432 B4lfXDHuRf2SBxKhJFcOfbfR4arin305+zXRzVnhST43GO0gVOiWTzI0pEpCrpzF rSpK7DARytQQAFHLGrFd0zmBRPixkeMe/DSaE6IFykgaYhNV662ncrEjbNvAW9tU bFaK7vbTkcJJJfjCZuJXD3+vl/zfWR7HTNi5kZVpyWxeLEGkWAl7VhcSPRjr+bJc kGoz6S/z+/6UdlWVXC758ZS2s5fDCO3mk/Z9VYt7IFqmjeW8rW5P3+8SED9p5/UC Hr7t6oPNdDOaXk8/+1qKPQTSi5ZNzEnNeGevNWcibtbGzyeDolSiiZeWwLsXQybg akW4eEHvVpyznwE2grd4gD62BeyMcKZ4tm4idbgMmUa57re8qmzhou+/uwHdPFZl KjJiCsllfhFxYSe7J5ozfFqCZ5mC85tBLuYBe0DXHXnbXIoXOYUWaQIPvN29o5i2 UTlUyofkkErOrXxiVWq1VMaHmZvSJ9nZfrbAxAbseHdISuxFoIAzjM3KeyJK3bXt A0nOdozsGkXO4i3E73gKw55q1X2Q8563RC0oMDEiCjaPpY9gb+g= =aUVK -----END PGP SIGNATURE-----