diff options
| -rw-r--r-- | CHANGELOG.md | 8 | ||||
| -rw-r--r-- | lib/rack.rb | 2 |
2 files changed, 9 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index f0fa2ec0..4f0be342 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,11 @@ +## [2.1.4] - 2020-06-15 + +- [CVE-2020-8184] When parsing cookies, only decode the value + +## [2.1.3] - 2020-05-12 + +- [CVE-2020-8161] Use Dir.entries instead of Dir[glob] to prevent user-specified glob metacharacters +- ## [2.1.2] - 2020-01-27 - Fix multipart parser for some files to prevent denial of service ([@aiomaster](https://github.com/aiomaster)) diff --git a/lib/rack.rb b/lib/rack.rb index f864ef9f..634235ae 100644 --- a/lib/rack.rb +++ b/lib/rack.rb @@ -20,7 +20,7 @@ module Rack VERSION.join(".") end - RELEASE = "2.1.3" + RELEASE = "2.1.4" # Return the Rack release as a dotted string. def self.release |