diff options
author | Aaron Patterson <tenderlove@ruby-lang.org> | 2023-03-13 11:07:51 -0700 |
---|---|---|
committer | Aaron Patterson <tenderlove@ruby-lang.org> | 2023-03-13 11:07:51 -0700 |
commit | 27addc7f1ae290b6b84c1c351e5b6d75a05bb40b (patch) | |
tree | 24f14f8e9daf3f8f13c7221bfd491549780a0a9f | |
parent | ee7919ea04303717858be1c3f16b406adc6d8cff (diff) | |
download | rack-27addc7f1ae290b6b84c1c351e5b6d75a05bb40b.tar.gz |
bump versionv2.2.6.4
-rw-r--r-- | CHANGELOG.md | 4 | ||||
-rw-r--r-- | lib/rack/version.rb | 2 |
2 files changed, 5 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index b81a68d5..85cb1fc2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/). +## [2.2.6.4] - 2023-03-13 + +- [CVE-2023-27539] Avoid ReDoS in header parsing + ## [2.2.6.3] - 2023-03-02 - [CVE-2023-27530] Introduce multipart_total_part_limit to limit total parts diff --git a/lib/rack/version.rb b/lib/rack/version.rb index 0c38a46d..d451de43 100644 --- a/lib/rack/version.rb +++ b/lib/rack/version.rb @@ -20,7 +20,7 @@ module Rack VERSION.join(".") end - RELEASE = "2.2.6.3" + RELEASE = "2.2.6.4" # Return the Rack release as a dotted string. def self.release |