Hello community, here is the log from the commit of package rubygem-rack-1_1 for openSUSE:12.3 checked in at 2013-02-26 15:11:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3/rubygem-rack-1_1 (Old) and /work/SRC/openSUSE:12.3/.rubygem-rack-1_1.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-rack-1_1", Maintainer is "" Changes: -------- --- /work/SRC/openSUSE:12.3/rubygem-rack-1_1/rubygem-rack-1_1.changes 2013-01-31 01:37:00.000000000 +0100 +++ /work/SRC/openSUSE:12.3/.rubygem-rack-1_1.new/rubygem-rack-1_1.changes 2013-02-26 15:11:24.000000000 +0100 @@ -1,0 +2,16 @@ +Mon Feb 11 08:19:08 UTC 2013 - adrian@suse.com + +- updated to version 1.1.6 + * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie + * Fix CVE-2013-0262, symlink path traversal in Rack::File + +- from 1.1.5: + * [SEC] Rack::Auth::AbstractRequest no longer symbolizes arbitrary strings + * Fixed erroneous test case in the 1.3.x series + +------------------------------------------------------------------- +Wed Jan 9 09:57:54 UTC 2013 - adrian@suse.de + +- update to version 1.1.4 + +------------------------------------------------------------------- Old: ---- rack-1.1.2.gem New: ---- rack-1.1.6.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-rack-1_1.spec ++++++ --- /var/tmp/diff_new_pack.eEilQT/_old 2013-02-26 15:11:24.000000000 +0100 +++ /var/tmp/diff_new_pack.eEilQT/_new 2013-02-26 15:11:24.000000000 +0100 @@ -17,7 +17,7 @@ Name: rubygem-rack-1_1 -Version: 1.1.2 +Version: 1.1.6 Release: 0 # %define mod_name rack -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org