Debian Security Advisory 4918-1

Debian Security Advisory 4918-1: Posted May 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4918-1 - Improper pathname handling in ruby-rack-cors, a middleware that makes Rack-based apps CORS compatible, may result in access to private resources.; tags | advisory, ruby; systems | linux, debian; advisories | CVE-2019-18978; SHA-256 | aad43033fd2d923343981ed3f9f6cf6e629a5e445a969a1991a2feeb576f243c; Download | Favorite | View

Debian Security Advisory 4918-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4918-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 18, 2021                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ruby-rack-cors
CVE ID         : CVE-2019-18978
Debian Bug     : 944849

Improper pathname handling in ruby-rack-cors, a middleware that makes
Rack-based apps CORS compatible, may result in access to private
resources.

For the stable distribution (buster), this problem has been fixed in
version 1.0.2-1+deb10u1.

We recommend that you upgrade your ruby-rack-cors packages.

For the detailed security status of ruby-rack-cors please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/ruby-rack-cors

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmCj0dBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Qa5RAAj83zCX2vWyCHGB666nYEbcFjPdU47TpZiUV3FRbwlR2dLPO0T4AW+SFv
XFwGUiCh3BcZouLO5fv+mmkxgj9/0K22q8Y3Ak1pkdJyk5Jr8afyftrgDCMMk6HO
aiGmqMj/CVrOnyILgkUlQzGhFJk7JRmstwM/q9kkpKOWaFzuMsSHtpolM8TJqUyt
x5SmnJlk/uNmOpXzq5LHfF1jGH8IhbGQLcFmnu40AspNRJWBF6TEEYgHJCSJ2+8b
nkDoC/3yRpFpWpv9jgcnEmZ3cHJcKAlqmNHSCHMTBUC8gVDSJL3Ncdg+7OHmg+pZ
FxmM63RJOtV+3p7K8iXvwBL9WxdbIF6yRC8haLYW6VSr11CbNXNmSqfMfXLdJUkB
xY15rYMBNEW4e0NJ9CMBZQaIIvjHNo0l2YBwG66FSd3HPH7rR+eCAsLuUcJNvB/F
TwMCiqLPsVE5G6SvvbbkQitqcK24f9fjEKP5MJtz9Ozaa6r0s5LDteg2jPL2yKOf
BcMKu5dD3u21UXm0594thouOdKOtZKn/sxal91kuhSDy/r7hZb1O6nShngDjgE0A
mODzUgKm9HQFcySbOgYFh1oElKmWvhLtFrhhycne8bKARso0XfK95tXeyOB5J/yS
O2k5i4UjMCOB8OSmZ64b1XSqsHKm/uRkU3ZU2HL38Hm1pH5TeZw=
=wNnZ
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 219 files
Jay Turla 150 files
indoushka 143 files
Ubuntu 60 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
Gentoo 33 files
H D Moore 31 files
Debian 29 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,114)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (50,978)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,661)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,794)
UNIX (9,443)
UnixWare (187)
Windows (6,756)
Other

Debian Security Advisory 4918-1

Debian Security Advisory 4918-1

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4918-1

Share This

Debian Security Advisory 4918-1

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems