testing

rubygem-rack-2.2.21-1.fc41

FEDORA-2025-a35addbf9b created by vondruch a week ago for Fedora 41

Update to Rack 2.2.21

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-a35addbf9b

This update has been submitted for testing by vondruch.

a week ago

This update's test gating status has been changed to 'ignored'.

a week ago

vondruch edited this update.

a week ago

vondruch edited this update.

a week ago

This update has been pushed to testing.

6 days ago


Metadata
Type: security
Severity: high
Karma: 0
Signed
Content Type: RPM
Test Gating
Autopush Settings
Unstable by Karma: -3
Stable by Karma: 3
Stable by Time: 7 days
Thresholds
Minimum Karma: +1
Minimum Testing: 7 days
Dates
submitted: a week ago
in testing: 6 days ago
days to stable: 1
modified: a week ago
BZ#2164714 CVE-2022-44571 rubygem-rack: denial of service in Content-Disposition parsing
BZ#2164719 CVE-2022-44570 rubygem-rack: denial of service in Content-Disposition parsing
BZ#2164722 CVE-2022-44572 rubygem-rack: denial of service in Content-Disposition parsing
BZ#2176477 CVE-2023-27530 rubygem-rack: Denial of service in Multipart MIME parsing
BZ#2179649 CVE-2023-27539 rubygem-rack: denial of service in header parsing
BZ#2265593 CVE-2024-25126 rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing
BZ#2265594 CVE-2024-26141 rubygem-rack: Possible DoS Vulnerability with Range Header in Rack
BZ#2265595 CVE-2024-26146 rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing
BZ#2265596 CVE-2024-25126 rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing [fedora-all]
BZ#2265597 CVE-2024-26141 rubygem-rack: Possible DoS Vulnerability with Range Header in Rack [fedora-all]
BZ#2265598 CVE-2024-26146 rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing [fedora-all]
BZ#2345301 CVE-2025-25184 rubygem-rack: Possible Log Injection in Rack::CommonLogger
BZ#2345712 CVE-2025-25184 rubygem-rack: Possible Log Injection in Rack::CommonLogger [fedora-41]
BZ#2349810 CVE-2025-27111 rack: rubygem-rack: Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection
BZ#2349978 CVE-2025-27111 rubygem-rack: Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection [fedora-41]
BZ#2351231 CVE-2025-27610 rack: rubygem-rack: Local File Inclusion in Rack::Static
BZ#2351278 CVE-2025-27610 rubygem-rack: Local File Inclusion in Rack::Static [fedora-41]
BZ#2364965 CVE-2025-32441 rack: Rack Session Reuse Vulnerability
BZ#2364966 CVE-2025-46727 rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser
BZ#2364999 CVE-2025-46727 rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser [fedora-41]
BZ#2365052 CVE-2025-32441 rubygem-rack: Rack Session Reuse Vulnerability [fedora-41]
BZ#2398167 CVE-2025-59830 rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters
BZ#2402174 CVE-2025-61770 rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion)
BZ#2402175 CVE-2025-61771 rack: Rack's multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
BZ#2402200 CVE-2025-61772 rack: Rack memory exhaustion denial of service
BZ#2402987 CVE-2025-59830 rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters [fedora-41]
BZ#2403126 CVE-2025-61780 rubygem-rack: Improper handling of headers in `Rack::Sendfile` may allow proxy bypass
BZ#2403180 CVE-2025-61919 rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion
BZ#2403524 CVE-2025-61919 rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion [fedora-41]
BZ#2403529 CVE-2025-61780 rubygem-rack: Improper handling of headers in `Rack::Sendfile` may allow proxy bypass [fedora-41]
