[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Issues regarding ruby-rack/CVE-2019-16782


Please don't yet patch CVE-2019-16782 for Buster, Stretch, Jessie, et al.
This security update induces a regression, resulting in some issues in
using the library.
Also, there's a slight possibility of this patch inducing a backdoor on
it's own.

The issues have already been opened to/with the upstream and I hope
they're looking into it.
P.S. Shall update here when available :)


Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: