@omgitsads
Created February 8, 2013 15:08

Rack Vulnerability

It was brought to our attention via http://rack.github.com/ that there are two recent Rack vulnerabilities.

CVE-2013-0263:

  • Affected Versions: All Previous Versions
  • Fixed Versions: 1.1.6, 1.2.8, 1.3.10, 1.4.5, 1.5.2

CVE-2013-0262:

  • Versions affected: All versions after 1.4.0
  • Versions fixed: 1.4.5, 1.5.2

What should I do?

Check your Gemfile and Gemfile.lock for vulnerable versions of rack, and if you are using one, update it immediately.

You can update each of these by using "bundle update rack".
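The Gemfile.lock check described above can be scripted. The following is an added example, not part of the original advisory: the function names and the sample lockfile are constructed for illustration, "after 1.4.0" is read as strictly greater than 1.4.0, and a release series with no listed fix is assumed safe only when it is newer than every fixed release.

```ruby
require "rubygems" # Gem::Version

# Fixed releases per CVE, copied from the advisory above.
FIXED = {
  "CVE-2013-0263" => %w[1.1.6 1.2.8 1.3.10 1.4.5 1.5.2],
  "CVE-2013-0262" => %w[1.4.5 1.5.2]
}.freeze
# CVE-2013-0262 affects "all versions after 1.4.0", read here as > 1.4.0.
AFFECTED_AFTER = { "CVE-2013-0262" => Gem::Version.new("1.4.0") }.freeze

# Constructed sample lockfile, used when no path is given.
SAMPLE_LOCK = <<LOCK
GEM
  remote: https://rubygems.org/
  specs:
    rack (1.4.1)
    rack-protection (1.3.2)
      rack
    sinatra (1.3.4)
      rack (~> 1.3, >= 1.3.6)
      rack-protection (~> 1.3)
LOCK

# Resolved gems sit four spaces deep under "specs:"; the six-space lines are
# other gems' dependency constraints and must not be mistaken for the pin.
def locked_rack_version(lockfile_text)
  m = lockfile_text.match(/^ {4}rack \(([^)\s]+)\)$/)
  m && m[1]
end

def series(version)
  version.segments.first(2).join(".") # "1.4.1" -> "1.4"
end

# CVEs from the advisory that still apply to the given rack version.
def open_cves(version_string)
  v = Gem::Version.new(version_string)
  FIXED.select do |cve, fixed|
    floor = AFFECTED_AFTER[cve]
    next false if floor && v <= floor
    fixes = fixed.map { |f| Gem::Version.new(f) }
    in_series = fixes.find { |f| series(f) == series(v) }
    # A series with no fixed release is safe only if newer than every fix.
    in_series ? v < in_series : v < fixes.max
  end.keys
end

if __FILE__ == $PROGRAM_NAME
  path = ARGV[0]
  text = path && File.file?(path) ? File.read(path) : SAMPLE_LOCK
  version = locked_rack_version(text)
  abort "rack not found in lockfile" unless version
  cves = open_cves(version)
  puts cves.empty? ? "rack #{version}: fixed" : "rack #{version}: #{cves.join(', ')}"
end
```

Pass the path to a Gemfile.lock as the first argument to check a real application; with no argument the constructed sample is used.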
