diff options
-rw-r--r-- | CHANGELOG.md | 5 | ||||
-rw-r--r-- | lib/rack/version.rb | 2 |
2 files changed, 5 insertions, 2 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 90f1d2b8..ff8a58e0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,10 +2,13 @@ All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/). +## [2.2.6.2] - 2022-01-17 + +- [CVE-2022-44570] Fix ReDoS in Rack::Utils.get_byte_ranges + ## [2.2.6.1] - 2022-01-17 - [CVE-2022-44571] Fix ReDoS vulnerability in multipart parser -- [CVE-2022-44570] Fix ReDoS in Rack::Utils.get_byte_ranges - [CVE-2022-44572] Forbid control characters in attributes (also ReDoS) ## [2.2.6] - 2022-01-17 diff --git a/lib/rack/version.rb b/lib/rack/version.rb index 07f5bbc8..d829db1c 100644 --- a/lib/rack/version.rb +++ b/lib/rack/version.rb @@ -20,7 +20,7 @@ module Rack VERSION.join(".") end - RELEASE = "2.2.6.1" + RELEASE = "2.2.6.2" # Return the Rack release as a dotted string. def self.release |