update history 1.6.2

author: Aaron Patterson <aaron.patterson@gmail.com> 2015-06-12 11:40:06 -0700
committer: Aaron Patterson <aaron.patterson@gmail.com> 2015-06-12 11:40:36 -0700
commit: 90d7d2a8f7ab50cb80adcc05a7fcdd1dfa60f2ad (patch)
tree: b4d6e178897db7921818d4bd18d8d7bc21bda6b1
parent: 2a4193dcae6f32d7979c75ebc0692c50ddbdac93 (diff)
download: rack-90d7d2a8f7ab50cb80adcc05a7fcdd1dfa60f2ad.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/HISTORY.md b/HISTORY.md
index b78d8340..1b65179d 100644
--- a/HISTORY.md
+++ b/HISTORY.md
@@ -1,5 +1,8 @@
+Fri Jun 12 11:37:41 2015  Aaron Patterson <tenderlove@ruby-lang.org>
+
+        * Prevent extremely deep parameters from being parsed. CVE-2015-3225
+
  ### December 18th, Thirty sixth public release 1.6.0
-  - TODO
  
  ### February 7th, Thirty fifth public release 1.5.2
    - Fix CVE-2013-0263, timing attack against Rack::Session::Cookie
author	Aaron Patterson <aaron.patterson@gmail.com>	2015-06-12 11:40:06 -0700
committer	Aaron Patterson <aaron.patterson@gmail.com>	2015-06-12 11:40:36 -0700
commit	90d7d2a8f7ab50cb80adcc05a7fcdd1dfa60f2ad (patch)
tree	b4d6e178897db7921818d4bd18d8d7bc21bda6b1
parent	2a4193dcae6f32d7979c75ebc0692c50ddbdac93 (diff)
download	rack-90d7d2a8f7ab50cb80adcc05a7fcdd1dfa60f2ad.tar.gz