Sinatra 2.0.1 is out!
I have just released Sinatra v2.0.1 and Mustermann v1.0.2.
Before we begin, I want to thank everyone who contributed, helped test pre-releases, and continues to use and support the project.
Security Fix CVE-2018-7212
The rack-protection-v2.0.1 contains a security fix for CVE-2018-7212.
It was determined a path traversal attack using backslashes was possible on Windows environment. We highly recommend you upgrade at least rack-protection if you’re on Windows, or apply this patch provided by Orange Tsai from DEVCORE.
If you’re on older version of Sinatra, we have backported this patch to rack-protection in v1.5.4.
Releases
Sinatra v2.0.1 includes the release of the following gems, and associated versions:
sinatra: v2.0.1sinatra-contrib: v2.0.1rack-protection: v2.0.1mustermann: v1.0.2mustermann-contrib: v1.0.2
sinatra, sinatra-contrib and rack-protection v2.0.1
Find out what’s new in 2.0.1 in CHANGELOG.md
mustermann and mustermann-contrib v1.0.2
Find out what’s new in 1.0.2 in CHANGELOG.md
Thank you
Thank you everyone who has contributed over the years to this project, and continues to ensure it lives on.