Update README for release. Add security section.

author: James Tucker <jftucker@gmail.com> 2013-01-13 13:55:50 -0800
committer: James Tucker <jftucker@gmail.com> 2013-01-13 13:55:50 -0800
commit: 0ea18dd39891ec647429adf817fe77827f587728 (patch)
tree: 682db3927c711e2fc8c6c5fe5f7fbc9c7fca84c8
parent: 0c76175fcccad74ba2f991c487d3669c28a297c8 (diff)
download: rack-0ea18dd39891ec647429adf817fe77827f587728.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/README.rdoc b/README.rdoc
index 966780b9..48f074dc 100644
--- a/README.rdoc
+++ b/README.rdoc
@@ -478,11 +478,21 @@ run on port 11211) and memcache-client installed.
 * January 7th, 2013: Thirty first public release 1.4.3
   * Security: Prevent unbounded reads in large multipart boundaries
 
+* January 13th, 2013: Thirty second public release 1.4.4, 1.3.9, 1.2.7, 1.1.5
+  * [SEC] Rack::Auth::AbstractRequest no longer symbolizes arbitrary strings
+  * Fixed erroneous test case in the 1.3.x series
+
 == Contact
 
 Please post bugs, suggestions and patches to
 the bug tracker at <http://github.com/rack/rack/issues>.
 
+Please post security related bugs and suggestions to the core team at
+<https://groups.google.com/group/rack-core> or rack-core@googlegroups.com. Due
+to wide usage of the library, it is strongly preferred that we manage timing in
+order to provide viable patches at the time of disclosure. Your assistance in
+this matter is greatly appreciated.
+
 Mailing list archives are available at
 <http://groups.google.com/group/rack-devel>.
author	James Tucker <jftucker@gmail.com>	2013-01-13 13:55:50 -0800
committer	James Tucker <jftucker@gmail.com>	2013-01-13 13:55:50 -0800
commit	0ea18dd39891ec647429adf817fe77827f587728 (patch)
tree	682db3927c711e2fc8c6c5fe5f7fbc9c7fca84c8
parent	0c76175fcccad74ba2f991c487d3669c28a297c8 (diff)
download	rack-0ea18dd39891ec647429adf817fe77827f587728.tar.gz