SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ruby2.1-rubygem-rack-1_6-1.6.8-13.2.x86_64.rpm :
Tue May 23 14:00:00 2017 cooloAATTsuse.com
- updated to version 1.6.8
see installed HISTORY.md

Fri Nov 11 13:00:00 2016 cooloAATTsuse.com
- updated to version 1.6.5
see installed HISTORY.md
Sun Dec 4 18:48:03 2015 Jeremy Daer

* First-party \"SameSite\" cookies. Browsers omit SameSite cookies
from third-party requests, closing the door on many CSRF attacks.
Pass `same_site: true` (or `:strict`) to enable:
response.set_cookie \'foo\', value: \'bar\', same_site: true
or `same_site: :lax` to use Lax enforcement:
response.set_cookie \'foo\', value: \'bar\', same_site: :lax
Based on version 7 of the Same-site Cookies internet draft:
https://tools.ietf.org/html/draft-west-first-party-cookies-07
Thanks to Ben Toews (AATTmastahyeti) and Bob Long (AATTbobjflong) for
updating to drafts 5 and 7.
Wed Jun 24 12:13:37 2015 Aaron Patterson

* Fix Ruby 1.8 backwards compatibility

Mon Jul 4 14:00:00 2016 cooloAATTsuse.com
- split off 1.6 in preparation of 2.0

Fri Jun 19 14:00:00 2015 cooloAATTsuse.com
- updated to version 1.6.4
see installed HISTORY.md
Fri Jun 19 07:14:50 2015 Matthew Draper

* Work around a Rails incompatibility in our private API

Wed Jun 17 14:00:00 2015 cooloAATTsuse.com
- updated to version 1.6.2
see installed HISTORY.md
Fri Jun 12 11:37:41 2015 Aaron Patterson

* Prevent extremely deep parameters from being parsed. CVE-2015-3225

Thu May 7 14:00:00 2015 cooloAATTsuse.com
- updated to version 1.6.1
no changelog found

Fri Feb 6 13:00:00 2015 cooloAATTsuse.com
- updated to version 1.6.0

Sat Nov 1 13:00:00 2014 tboergerAATTsuse.com
- Fixed all rpmlintrc errors to prevent failing builds with
multiple ruby versions

Mon Sep 29 14:00:00 2014 mrueckertAATTsuse.de
- added rpmlintrc to ignore the rackup shebang line in a test case
- updated to new packaging scheme and add gem2rpm.yml

Tue May 28 14:00:00 2013 cooloAATTsuse.com
- new template version

Tue Feb 12 13:00:00 2013 cooloAATTsuse.com
- updated to version 1.5.2

* February 7th, Thirty fifth public release 1.5.2

* Fix CVE-2013-0263, timing attack against Rack::Session::Cookie

* Fix CVE-2013-0262, symlink path traversal in Rack::File

* Add various methods to Session for enhanced Rails compatibility

* Request#trusted_proxy? now only matches whole stirngs

* Add JSON cookie coder, to be default in Rack 1.6+ due to security concerns

* URLMap host matching in environments that don\'t set the Host header fixed

* Fix a race condition that could result in overwritten pidfiles

* Various documentation additions

Sun Feb 3 13:00:00 2013 cooloAATTsuse.com
- updated to version 1.5.1

Thu Jan 24 13:00:00 2013 cooloAATTsuse.com
- update to version 1.5.0, remove suffix

* Introduced hijack SPEC, for before-response and after-response hijacking

* SessionHash is no longer a Hash subclass

* Rack::File cache_control parameter is removed, in place of headers options

* Rack::Auth::AbstractRequest#scheme now yields strings, not symbols

* Rack::Utils cookie functions now format expires in RFC 2822 format

* Rack::File now has a default mime type

* rackup -b \'run Rack::File.new(\".\")\', option provides command line configs

* Rack::Deflater will no longer double encode bodies

* Rack::Mime#match? provides convenience for Accept header matching

* Rack::Utils#q_values provides splitting for Accept headers

* Rack::Utils#best_q_match provides a helper for Accept headers

* Rack::Handler.pick provides convenience for finding available servers

* Puma added to the list of default servers (preferred over Webrick)

* Various middleware now correctly close body when replacing it

* Rack::Request#params is no longer persistent with only GET params

* Rack::Request#update_param and #delete_param provide persistent operations

* Rack::Request#trusted_proxy? now returns true for local unix sockets

* Rack::Response no longer forces Content-Types

* Rack::Sendfile provides local mapping configuration options

* Rack::Utils#rfc2109 provides old netscape style time output

* Updated HTTP status codes

* Ruby 1.8.6 likely no longer passes tests, and is no longer fully supported

Tue Jan 8 13:00:00 2013 cooloAATTsuse.com
- updated to version 1.4.3

* Add warnings when users do not provide a session secret

* Fix parsing performance for unquoted filenames

* Updated URI backports

* Fix URI backport version matching, and silence constant warnings

* Correct parameter parsing with empty values

* Correct rackup \'-I\' flag, to allow multiple uses

* Correct rackup pidfile handling

* Report rackup line numbers correctly

* Fix request loops caused by non-stale nonces with time limits

* Fix reloader on Windows

* Prevent infinite recursions from Response#to_ary

* Various middleware better conforms to the body close specification

* Updated language for the body close specification

* Additional notes regarding ECMA escape compatibility issues

* Fix the parsing of multiple ranges in range headers

* Prevent errors from empty parameter keys

* Added PATCH verb to Rack::Request

* Various documentation updates

* Fix session merge semantics (fixes rack-test)

* Rack::Static :index can now handle multiple directories

* All tests now utilize Rack::Lint (special thanks to Lars Gierth)

* Rack::File cache_control parameter is now deprecated, and removed by 1.5

* Correct Rack::Directory script name escaping

* Rack::Static supports header rules for sophisticated configurations

* Multipart parsing now works without a Content-Length header

* New logos courtesy of Zachary Scott!

* Rack::BodyProxy now explicitly defines #each, useful for C extensions

* Cookies that are not URI escaped no longer cause exceptions

* Security: Prevent unbounded reads in large multipart boundaries

Tue Jul 31 14:00:00 2012 jreidingerAATTsuse.com
- use new gem2rpm to provide new provisions

Mon Apr 2 14:00:00 2012 saschpeAATTsuse.de
- Spec file cleanup:

* Prepare for Factory submission

Fri Mar 30 14:00:00 2012 adrianAATTsuse.de
- handle /usr/bin/rackup via update-alternatives

Thu Jan 26 13:00:00 2012 mrueckertAATTsuse.de
- initial package of the 1.4 branch


 
ICM