Package Release Info

rubygem-rack-2.0.8-bp152.1.1

Update Info: Base Release
Available in Package Hub : 15 SP2

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

ruby2.5-rubygem-rack
ruby2.5-rubygem-rack-doc
ruby2.5-rubygem-rack-testsuite

Change Logs

* Thu Dec 19 2019 David Kang <dkang@suse.com>
- updated to version 2.0.8
  * CVE-2019-16782: Possible information leak / session hijack vulnerability
* Sat Apr 06 2019 manuel <mschnitzer@suse.com>
- updated to version 2.0.7
  no changelog found
* Tue Nov 06 2018 Marcus Rueckert <mrueckert@suse.de>
- update to 2.0.6:
  * CVE-2018-16471: cross-site scripting (XSS) flaw via the scheme
    method on Rack::Request (bsc#1114828)
* Mon Apr 23 2018 factory-auto@kulow.org
- updated to version 2.0.5
  see installed HISTORY.md
* Mon Apr 16 2018 mschnitzer@suse.com
- Only build against ruby versions 2.3.x, 2.4.x, and 2.5.x
- Fix package build by removing the executable bit for 'test.gz' file in gem
* Thu Feb 08 2018 coolo@suse.com
- updated to version 2.0.4
  see installed HISTORY.md
* Tue Oct 31 2017 mrueckert@suse.de
- only build for 2.3+ from now
* Wed Jun 07 2017 mrueckert@suse.de
- re-add the rb_build_versions and rb_default_ruby_abi as otherwise
  building on older distros fails.
- add ruby 2.4
Version: 2.0.3-bp151.1.1
* Thu Jun 01 2017 opensuse_buildservice@ojkastl.de
- removed manual definition of rb_build_versions and rb_default_ruby_abi from gem2rpm.yml; recreated spec
* Tue May 23 2017 coolo@suse.com
- updated to version 2.0.3
  see installed HISTORY.md
* Wed Jul 06 2016 mrueckert@suse.de
- make build again by only building for 2.2 and newer
* Fri Jul 01 2016 coolo@suse.com
- updated to version 2.0.1
  see installed HISTORY.md
* Fri Jun 19 2015 coolo@suse.com
- updated to version 1.6.4
  see installed HISTORY.md
  Fri Jun 19 07:14:50 2015  Matthew Draper <matthew@trebex.net>
  * Work around a Rails incompatibility in our private API
* Wed Jun 17 2015 coolo@suse.com
- updated to version 1.6.2
  see installed HISTORY.md
  Fri Jun 12 11:37:41 2015  Aaron Patterson <tenderlove@ruby-lang.org>
  * Prevent extremely deep parameters from being parsed. CVE-2015-3225
* Thu May 07 2015 coolo@suse.com
- updated to version 1.6.1
  no changelog found
* Fri Feb 06 2015 coolo@suse.com
- updated to version 1.6.0
* Sat Nov 01 2014 tboerger@suse.com
- Fixed all rpmlintrc errors to prevent failing builds with
  multiple ruby versions
* Mon Sep 29 2014 mrueckert@suse.de
- added rpmlintrc to ignore the rackup shebang line in a test case
- updated to new packaging scheme and add gem2rpm.yml
* Tue May 28 2013 coolo@suse.com
- new template version
* Tue Feb 12 2013 coolo@suse.com
- updated to version 1.5.2
  * February 7th, Thirty fifth public release 1.5.2
  * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie
  * Fix CVE-2013-0262, symlink path traversal in Rack::File
  * Add various methods to Session for enhanced Rails compatibility
  * Request#trusted_proxy? now only matches whole stirngs
  * Add JSON cookie coder, to be default in Rack 1.6+ due to security concerns
  * URLMap host matching in environments that don't set the Host header fixed
  * Fix a race condition that could result in overwritten pidfiles
  * Various documentation additions
* Sun Feb 03 2013 coolo@suse.com
- updated to version 1.5.1
* Thu Jan 24 2013 coolo@suse.com
- update to version 1.5.0, remove suffix
  * Introduced hijack SPEC, for before-response and after-response hijacking
  * SessionHash is no longer a Hash subclass
  * Rack::File cache_control parameter is removed, in place of headers options
  * Rack::Auth::AbstractRequest#scheme now yields strings, not symbols
  * Rack::Utils cookie functions now format expires in RFC 2822 format
  * Rack::File now has a default mime type
  * rackup -b 'run Rack::File.new(".")', option provides command line configs
  * Rack::Deflater will no longer double encode bodies
  * Rack::Mime#match? provides convenience for Accept header matching
  * Rack::Utils#q_values provides splitting for Accept headers
  * Rack::Utils#best_q_match provides a helper for Accept headers
  * Rack::Handler.pick provides convenience for finding available servers
  * Puma added to the list of default servers (preferred over Webrick)
  * Various middleware now correctly close body when replacing it
  * Rack::Request#params is no longer persistent with only GET params
  * Rack::Request#update_param and #delete_param provide persistent operations
  * Rack::Request#trusted_proxy? now returns true for local unix sockets
  * Rack::Response no longer forces Content-Types
  * Rack::Sendfile provides local mapping configuration options
  * Rack::Utils#rfc2109 provides old netscape style time output
  * Updated HTTP status codes
  * Ruby 1.8.6 likely no longer passes tests, and is no longer fully supported
* Tue Jan 08 2013 coolo@suse.com
- updated to version 1.4.3
  * Add warnings when users do not provide a session secret
  * Fix parsing performance for unquoted filenames
  * Updated URI backports
  * Fix URI backport version matching, and silence constant warnings
  * Correct parameter parsing with empty values
  * Correct rackup '-I' flag, to allow multiple uses
  * Correct rackup pidfile handling
  * Report rackup line numbers correctly
  * Fix request loops caused by non-stale nonces with time limits
  * Fix reloader on Windows
  * Prevent infinite recursions from Response#to_ary
  * Various middleware better conforms to the body close specification
  * Updated language for the body close specification
  * Additional notes regarding ECMA escape compatibility issues
  * Fix the parsing of multiple ranges in range headers
  * Prevent errors from empty parameter keys
  * Added PATCH verb to Rack::Request
  * Various documentation updates
  * Fix session merge semantics (fixes rack-test)
  * Rack::Static :index can now handle multiple directories
  * All tests now utilize Rack::Lint (special thanks to Lars Gierth)
  * Rack::File cache_control parameter is now deprecated, and removed by 1.5
  * Correct Rack::Directory script name escaping
  * Rack::Static supports header rules for sophisticated configurations
  * Multipart parsing now works without a Content-Length header
  * New logos courtesy of Zachary Scott!
  * Rack::BodyProxy now explicitly defines #each, useful for C extensions
  * Cookies that are not URI escaped no longer cause exceptions
  * Security: Prevent unbounded reads in large multipart boundaries
* Tue Jul 31 2012 jreidinger@suse.com
- use new gem2rpm to provide new provisions
* Mon Apr 02 2012 saschpe@suse.de
- Spec file cleanup:
  * Prepare for Factory submission
* Fri Mar 30 2012 adrian@suse.de
- handle /usr/bin/rackup via update-alternatives
* Thu Jan 26 2012 mrueckert@suse.de
- initial package of the 1.4 branch