Sinatra 2.0.1 is out!

By Kunpei Sakai on Monday, February 19, 2018

I have just released Sinatra v2.0.1 and Mustermann v1.0.2.

Before we begin, I want to thank everyone who contributed, helped test pre-releases, and continues to use and support the project.

Security Fix CVE-2018-7212

The rack-protection-v2.0.1 contains a security fix for CVE-2018-7212.

It was determined a path traversal attack using backslashes was possible on Windows environment. We highly recommend you upgrade at least rack-protection if you’re on Windows, or apply this patch provided by Orange Tsai from DEVCORE.

If you’re on older version of Sinatra, we have backported this patch to rack-protection in v1.5.4.


Sinatra v2.0.1 includes the release of the following gems, and associated versions:

  • sinatra: v2.0.1
  • sinatra-contrib: v2.0.1
  • rack-protection: v2.0.1
  • mustermann: v1.0.2
  • mustermann-contrib: v1.0.2

sinatra, sinatra-contrib and rack-protection v2.0.1

Find out what’s new in 2.0.1 in

mustermann and mustermann-contrib v1.0.2

Find out what’s new in 1.0.2 in

Thank you

Thank you everyone who has contributed over the years to this project, and continues to ensure it lives on.