Padrino

Upgrade Rack immediately

All Rack users, including all Padrino users, should upgrade their Rack dependency as soon as possible. Multiple severe issues have been found, one of them including a potential remote code execution. This is espcially important if you are using Rack::Session::Cookie, which Padrino activates by default. See the Rack website for details.

To upgrade, use:

bundle update rack

And make sure that you installed any of these versions: 1.5.2, 1.4.5, 1.3.10, 1.2.8, 1.1.6.

Contribute

Please report any issues you encounter with this release! We are working very actively on Padrino and want to make the framework as stable and reliable as possible. That concludes the changelog for this release. As always if you want to keep up with Padrino updates, be sure to follow us on twitter: @padrinorb, join us on IRC at “#padrino” on freenode, open an issue, or discuss on gitter.


comments powered by Disqus