Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 10 Jun 2016 16:10:29 +1000
From: Sam Saffron <>
Subject: Ruby gem rack-mini-profiler CVE-2016-4442

Description: Carefully crafted requests can expose information about
strings and objects allocated during the request for unauthorised

Fixed in:

Released public fix in version: 0.10.


I am not sure how to go about announcing this CVE, where else to I
need to post this?

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.