Sinatra 2.0.2 and 2.0.3 are out
We would like to inform you that we have released Sinatra v2.0.2 and v2.0.3.
Before we begin, I want to thank everyone who contributed, helped test pre-releases, and continues to use and support the project.
Security Fix CVE-2018-11627
Sinatra had a critical vulnerability since v2.0.0. The purpose of this release is to fix CVE-2018-11627.
If you’re using Sinatra v2.0.x, please upgrade to v2.0.2 or later.’
This release includes the release of the following gems, and associated versions:
sinatra: v2.0.2, v2.0.3
sintra-contrib: v2.0.2, v2.0.3
rack-protection: v2.0.2, v2.0.3
What is the difference between v2.0.3 and v2.0.2 ?
We thank everyone who reported and confirmed the issue.
Find out what’s new in v2.0.2 and v2.0.3 in CHANGELOG.md
Thank you everyone who has contributed over the years to this project, and continues to ensure it lives on. Finally, I am deeply grateful to Shota Iguchi who worked on the v2.0.2 improvement.