Sinatra 2.0.1 is out!
I have just released Sinatra v2.0.1 and Mustermann v1.0.2.
Before we begin, I want to thank everyone who contributed, helped test pre-releases, and continues to use and support the project.
Security Fix CVE-2018-7212
The rack-protection-v2.0.1 contains a security fix for CVE-2018-7212.
It was determined a path traversal attack using backslashes was possible on Windows environment. We highly recommend you upgrade at least
rack-protection if you’re on Windows, or apply this patch provided by Orange Tsai from DEVCORE.
If you’re on older version of Sinatra, we have backported this patch to
rack-protection in v1.5.4.
Sinatra v2.0.1 includes the release of the following gems, and associated versions:
sinatra, sinatra-contrib and rack-protection v2.0.1
Find out what’s new in 2.0.1 in CHANGELOG.md
mustermann and mustermann-contrib v1.0.2
Find out what’s new in 1.0.2 in CHANGELOG.md
Thank you everyone who has contributed over the years to this project, and continues to ensure it lives on.