Asp Forum
Home
|
Login
|
Register
|
Search
Forums
>
comp.lang.ruby
[ANN] [SECURITY] Rack 0.9.1, a modular Ruby webserver interface
Christian Neukirchen
1/9/2009 4:54:00 PM
Hello,
Today we release Rack 0.9.1. This release is a *security release*, it
only fixes directory traversal exploits in Rack::File and
Rack::Directory, dating back to Rack 0.3. Updating is highly
recommended if you use these modules.
= Rack, a modular Ruby webserver interface
Rack provides a minimal, modular and adaptable interface for developing
web applications in Ruby. By wrapping HTTP requests and responses in
the simplest way possible, it unifies and distills the API for web
servers, web frameworks, and software in between (the so-called
middleware) into a single method call.
The exact details of this are described in the Rack specification,
which all Rack applications should conform to.
== Changes
* January 9th, 2009: Sixth public release 0.9.1.
* Fix directory traversal exploits in Rack::File and Rack::Directory.
== Where can I get it?
You can download Rack 0.9.1 at
http://chneukirchen.org/releases/rack-0....
http://rubyforge.org/pro...
Alternatively, you can checkout from the development repository with:
git clone git://github.com/rack/rack.git
cd rack && git checkout rack-0.9 # for this release
== Installing with RubyGems
A Gem of Rack is available. You can install it with:
gem install rack
I also provide a local mirror of the gems (and development snapshots)
at my site:
gem install rack --source
http://chneukirchen.org/rele...
== Contact
Please mail bugs, suggestions and patches to
<mailto:rack-devel@googlegroups.com>.
Mailing list archives are available at
<
http://groups.google.com/group/rack...
.
There is a bug tracker at <
http://rack.lighthouseap...
.
Git repository (patches rebased on master are most welcome):
*
http://github.com...
*
http://git.vuxu.org/cgi-bin/gitweb.cgi?...
You are also welcome to join the #rack channel on irc.freenode.net.
== Thanks
The Rack Core Team, consisting of
* Christian Neukirchen (chneukirchen)
* James Tucker (raggi)
* Josh Peek (josh)
* Michael Fellinger (manveru)
* Ryan Tomayko (rtomayko)
* Scytrin dai Kinthra (scytrin)
would like to thank:
* Tom Robinson, for finding and reporting these bugs.
== Copyright
Copyright (C) 2007, 2008, 2009 Christian Neukirchen <
http://purl.org/net/chneuk...
Rack is freely distributable under the terms of an MIT-style license.
== Links
Rack:: <
http://rack.rubyforg...
Rack's Rubyforge project:: <
http://rubyforge.org/pro...
>
Official Rack repositories:: <
http://github.co...
rack-devel mailing list:: <
http://groups.google.com/group/rack...
Happy hacking and have a nice day,
Christian Neukirchen
on behalf of the Rack Core Team.
237e24207b39c384d78c266d86bbf2a0808dc417 rack-0.9.1.tar.gz
d3383a4b4abfc2de43df69d1fd7f24995a6e5fe4 rack-0.9.1.gem
Servizio di avviso nuovi messaggi
Ricevi direttamente nella tua mail i nuovi messaggi per
[ANN] [SECURITY] Rack 0.9.1, a modular Ruby webserver interface
Inserendo la tua e-mail nella casella sotto, riceverai un avviso tramite posta elettronica ogni volta che il motore di ricerca troverà un nuovo messaggio per te
Il servizio è completamente GRATUITO!
x
Login to ForumsZone
Login with Google
Login with E-Mail & Password