Changelog for ruby2.5-rubygem-rack-doc-2.0.8-150000.3.18.1.x86_64.rpm :

* Mon Mar 20 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2023-27539 [bsc#1209503], denial of service in header parsing + rubygem-rack-CVE-2023-27539.patch
* Thu Mar 09 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2023-27530 [bsc#1209095], Denial of service in Multipart MIME parsing + rubygem-rack-CVE-2023-27530.patch
* Fri Jan 27 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2022-44570 [bsc#1207597], denial of service in Content-Disposition parsing + rubygem-rack-CVE-2022-44570.patch fix CVE-2022-44571 [bsc#1207599], denial of service in Content-Disposition parsing + rubygem-rack-CVE-2022-44571.patch fix CVE-2022-44572 [bsc#1207596], denial of service in Content-Disposition parsing + rubygem-rack-CVE-2022-44572.patch
* Thu Sep 15 2022 pgajdosAATTsuse.com- security update- added patches fix CVE-2020-8184 [bsc#1173351], percent-encoded cookies can be used to overwrite existing prefixed cookie names + rubygem-rack-CVE-2020-8184.patch fix CVE-2020-8161 [bsc#1172037], directory traversal in Rack:Directory + rubygem-rack-CVE-2020-8161.patch
* Tue Jun 21 2022 pgajdosAATTsuse.com- security update- added patches fix CVE-2022-30122 [bsc#1200748], crafted multipart POST request may cause a DoS + rubygem-rack-CVE-2022-30122.patch fix CVE-2022-30123 [bsc#1200750], crafted requests can cause shell escape sequences + rubygem-rack-CVE-2022-30123.patch
* Thu Dec 19 2019 dkangAATTsuse.com- updated to version 2.0.8
* CVE-2019-16782: Possible information leak / session hijack vulnerability
* Sat Apr 06 2019 mschnitzerAATTsuse.com- updated to version 2.0.7 no changelog found
* Tue Nov 06 2018 mrueckertAATTsuse.de- update to 2.0.6:
* CVE-2018-16471: cross-site scripting (XSS) flaw via the scheme method on Rack::Request (bsc#1114828)
* Mon Apr 23 2018 factory-autoAATTkulow.org- updated to version 2.0.5 see installed HISTORY.md
* Mon Apr 16 2018 mschnitzerAATTsuse.com- Only build against ruby versions 2.3.x, 2.4.x, and 2.5.x- Fix package build by removing the executable bit for \'test.gz\' file in gem
* Thu Feb 08 2018 cooloAATTsuse.com- updated to version 2.0.4 see installed HISTORY.md
* Tue Oct 31 2017 mrueckertAATTsuse.de- only build for 2.3+ from now
* Wed Jun 07 2017 mrueckertAATTsuse.de- re-add the rb_build_versions and rb_default_ruby_abi as otherwise building on older distros fails.- add ruby 2.4
* Thu Jun 01 2017 opensuse_buildserviceAATTojkastl.de- removed manual definition of rb_build_versions and rb_default_ruby_abi from gem2rpm.yml; recreated spec
* Tue May 23 2017 cooloAATTsuse.com- updated to version 2.0.3 see installed HISTORY.md
* Wed Jul 06 2016 mrueckertAATTsuse.de- make build again by only building for 2.2 and newer
* Fri Jul 01 2016 cooloAATTsuse.com- updated to version 2.0.1 see installed HISTORY.md
* Fri Jun 19 2015 cooloAATTsuse.com- updated to version 1.6.4 see installed HISTORY.md Fri Jun 19 07:14:50 2015 Matthew Draper
* Work around a Rails incompatibility in our private API
* Wed Jun 17 2015 cooloAATTsuse.com- updated to version 1.6.2 see installed HISTORY.md Fri Jun 12 11:37:41 2015 Aaron Patterson
* Prevent extremely deep parameters from being parsed. CVE-2015-3225
* Thu May 07 2015 cooloAATTsuse.com- updated to version 1.6.1 no changelog found
* Fri Feb 06 2015 cooloAATTsuse.com- updated to version 1.6.0
* Sat Nov 01 2014 tboergerAATTsuse.com- Fixed all rpmlintrc errors to prevent failing builds with multiple ruby versions