diff options
author | Aaron Patterson <aaron.patterson@gmail.com> | 2015-06-12 11:40:06 -0700 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2015-06-12 11:40:36 -0700 |
commit | 90d7d2a8f7ab50cb80adcc05a7fcdd1dfa60f2ad (patch) | |
tree | b4d6e178897db7921818d4bd18d8d7bc21bda6b1 | |
parent | 2a4193dcae6f32d7979c75ebc0692c50ddbdac93 (diff) | |
download | rack-90d7d2a8f7ab50cb80adcc05a7fcdd1dfa60f2ad.tar.gz |
update history 1.6.2
-rw-r--r-- | HISTORY.md | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -1,5 +1,8 @@ +Fri Jun 12 11:37:41 2015 Aaron Patterson <tenderlove@ruby-lang.org> + + * Prevent extremely deep parameters from being parsed. CVE-2015-3225 + ### December 18th, Thirty sixth public release 1.6.0 - - TODO ### February 7th, Thirty fifth public release 1.5.2 - Fix CVE-2013-0263, timing attack against Rack::Session::Cookie |