Package: ruby-rack / 1.6.4-5~bpo9+1
Patch seriesview the series file
|0001 Fix Params_Depth.patch | (download)||
12 12 + 0 - 0 !
raise an exception if the parameters are too deep CVE-2015-3225 Conflicts: lib/rack/utils.rb test/spec_utils.rb
|0002 Support multipart filename with in the name.patch | (download)||
6 3 + 3 - 0 !
support multipart filename with + in the name Use Utils.unescape_path in Rack::Multipart::Parser.get_name in order to not translate + to space in the filename, since filenames with + are valid. This patch was based on these upstream commits (with some extra modifications): https://github.com/rack/rack/commit/568cf7294d3c8abb84825514e91cf98c58a5e503 https://github.com/rack/rack/commit/978eb9b9935d388ca8cc45fe31c870b9bc0aaab2