Skip to content

Commit

Permalink
Update changelog
Browse files Browse the repository at this point in the history
  • Loading branch information
@tenderlove
tenderlove committed Jan 17, 2023
1 parent ee25ab9 commit 3677f17
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,12 @@

All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/).

## [2.2.6.1] - 2022-01-17

- [CVE-2022-44571] Fix ReDoS vulnerability in multipart parser
- [CVE-2022-44570] Fix ReDoS in Rack::Utils.get_byte_ranges
- [CVE-2022-44572] Forbid control characters in attributes (also ReDoS)

## [2.2.6] - 2022-01-17

- Extend `Rack::MethodOverride` to handle `QueryParser::ParamsTooDeepError` error. ([#2011](https://github.com/rack/rack/pull/2011), [@byroot](https://github.com/byroot))
Expand Down

0 comments on commit 3677f17

Please sign in to comment.