[ubuntu/jammy-security] ruby-rack 2.1.4-5ubuntu1.2 (Accepted)

Shishir Subedi shishirsub10 at gmail.com
Thu Jan 15 00:44:27 UTC 2026


ruby-rack (2.1.4-5ubuntu1.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Denial of service through large query parameters.
    - debian/patches/CVE-2025-46727.patch: Add query parameter limit and
      bytesize limit and corresponding checks in ./lib/rack/query_parser.rb.
    - CVE-2025-46727

  * SECURITY UPDATE: Limited Denial of service
    - debian/patches/CVE-2025-59830.patch: Fix unbounded parameter parsing
      in `Rack::QueryParser` by counting both possible parameter separators
      (& and ;)
    - CVE-2025-59830

  * SECURITY UPDATE: Denial of service
    - d/p/CVE-2025-61770-and-CVE-2025-61772.patch: Enforce a size limit for
      the preamble and multipart mime part header
    - d/p/CVE-2025-61771.patch: Limit amount of retained data when parsing
      multipart requests
    - CVE-2025-61770
    - CVE-2025-61772
    - CVE-2025-61771

  * SECURITY UPDATE: Information disclosure using proxy bypass
    - debian/patches/CVE-2025-61780.patch: Fix handling of proxy headers
      (`HTTP_X_SENDFILE_TYPE` and `HTTP_X_ACCEL_MAPPING`) in Rack::Sendfile
    - CVE-2025-61780

  * SECURITY UPDATE: Denial of service through memory exhaustion
    - debian/patches/CVE-2025-61919.patch: Enforce form parameter limit
      using `query_parser.bytesize_limit` preventing unbounded read of
      `application/x-www-form-urlencoded` bodies
    - CVE-2025-61919

Date: 2026-01-14 04:06:12.301240+00:00
Changed-By: Shishir Subedi <shishirsub10 at gmail.com>
https://launchpad.net/ubuntu/+source/ruby-rack/2.1.4-5ubuntu1.2
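As an added illustration of the two `Rack::QueryParser` mitigations named in the changelog above (this is not Rack's own code, and the limit values are assumptions), a minimal query-string parser that enforces a byte-size limit (CVE-2025-46727) and a parameter-count limit that counts both `&` and `;` as separators (CVE-2025-59830):

```ruby
# Example code, not Rack's implementation: a small query parser that applies
# the mitigations described for CVE-2025-46727 (byte-size and parameter-count
# limits) and CVE-2025-59830 (count ';' as well as '&' when applying the limit).
require 'cgi'

class QueryTooLarge < StandardError; end
class ParamsTooMany < StandardError; end

# Assumed limits for this example; they are not Rack's actual defaults.
DEFAULT_PARAMS_LIMIT   = 100
DEFAULT_BYTESIZE_LIMIT = 4 * 1024

def check_query_limits(qs, params_limit:, bytesize_limit:)
  # Reject on raw size first, so an oversized request costs one length check
  # rather than one allocation per key/value pair.
  if qs.bytesize > bytesize_limit
    raise QueryTooLarge, "query is #{qs.bytesize} bytes (limit #{bytesize_limit})"
  end
  # Count both separators. Counting only '&' would let "a;a;a;..." bypass the
  # parameter limit although every ';' also produces a pair to parse.
  separators = qs.count('&;')
  if separators + 1 > params_limit
    raise ParamsTooMany, "query has #{separators + 1} params (limit #{params_limit})"
  end
end

def parse_query(qs, params_limit: DEFAULT_PARAMS_LIMIT,
                    bytesize_limit: DEFAULT_BYTESIZE_LIMIT)
  check_query_limits(qs, params_limit: params_limit, bytesize_limit: bytesize_limit)
  params = {}
  qs.split(/[&;]/).each do |pair|
    next if pair.empty?                  # tolerate "a=1&&b=2"
    key, value = pair.split('=', 2)
    params[CGI.unescape(key)] = value.nil? ? nil : CGI.unescape(value)
  end
  params
end
```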