DevHeads.net

Rack versions 1.6.11 and 2.0.6 have been released!

Hi everyone,

Rack versions 1.6.11 and 2.0.6 have been released. Both of these releases
contain important security fixes, and you should upgrade!

Rack version 1.6.11 contains fixes for:

* [CVE-2018-16470] Possible DoS vulnerability in Rack
* [CVE-2018-16471] Possible XSS vulnerability in Rack

Rack version 2.0.6 contains a fix for:

* [CVE-2018-16470] Possible DoS vulnerability in Rack

The gem checksums are:

```
$ sha1sum *
64a0cd32f46c0ff44ffda4055048fe6309903110 rack-1.6.11.gem
b15267e1f94e69238a00a6f1bd48fb7683c03a78 rack-2.0.6.gem
```

You can read more about CVE-2018-16470 here:

https://groups.google.com/forum/#!topic/ruby-security-ann/Dz4sRl-ktKk

You can read more about CVE-2018-16471 here:

https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o

Thanks for reading and have a good day!