rubysec
rubysec copied to clipboard
trailofbits
RubySec Field Guide
Bumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.4. Commits 27addc7 bump version ee7919e Avoid ReDoS problem d6b5b2b bump version 9aac375 Limit all multipart parts, not just files See full diff in compare...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.4. Commits 27addc7 bump version ee7919e Avoid ReDoS problem d6b5b2b bump version 9aac375 Limit all multipart parts, not just files See full diff in compare...
Bumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.4. Commits 27addc7 bump version ee7919e Avoid ReDoS problem d6b5b2b bump version 9aac375 Limit all multipart parts, not just files See full diff in compare...
Bumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.4. Commits 27addc7 bump version ee7919e Avoid ReDoS problem d6b5b2b bump version 9aac375 Limit all multipart parts, not just files See full diff in compare...
Bumps [sinatra](https://github.com/sinatra/sinatra) from 2.2.0 to 2.2.3. Changelog Sourced from sinatra's changelog. 2.2.3 / 2022-11-25 Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei Sakai Fix: fixed ReDoS for Rack::Protection::IPSpoofing....
Bumps [sinatra](https://github.com/sinatra/sinatra) from 2.2.0 to 2.2.3. Changelog Sourced from sinatra's changelog. 2.2.3 / 2022-11-25 Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei Sakai Fix: fixed ReDoS for Rack::Protection::IPSpoofing....
It might be nice to drop in a default .rspec file for users with --color --format d, so they get colorful output that tells them exactly which tests are breaking
matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf