{ "schema_version": "1.7.0", "id": "MGASA-2026-0226", "published": "2026-06-18T21:28:22Z", "modified": "2026-06-18T20:38:09Z", "summary": "Updated ruby-rack packages fix security vulnerabilities", "details": "CVE-2026-26961 Greedy multipart boundary parsing can cause parser\ndifferentials and WAF bypass. `Forwarded` header semicolon injection\nenables `Host` and `Scheme` spoofing.\nCVE-2026-34230 Quadratic complexity in\n`Rack::Utils.select_best_encoding` via wildcard `Accept-Encoding`\nheader.\nCVE-2026-34763 Root directory disclosure via unescaped regex\ninterpolation in `Rack::Directory`.\nCVE-2026-34785 `Rack::Static` prefix matching can expose unintended\nfiles under the static root.\nCVE-2026-34786 `Rack::Static` `header_rules` bypass via URL-encoded path\nmismatch.\nCVE-2026-34826 Multipart byte range processing allows denial of service\nvia excessive overlapping ranges.\nCVE-2026-34827 Multipart header parsing allows denial of service via\nescape-heavy quoted parameters.\nCVE-2026-34829 Multipart parsing without `Content-Length` header allows\nunbounded chunked file uploads.\nCVE-2026-34830 `Rack::Sendfile` header-based `X-Accel-Mapping` regex\ninjection enables unauthorized `X-Accel-Redirect`.\nCVE-2026-34831 `Content-Length` mismatch in `Rack::Files` error\nresponses.\nCVE-2026-34835 `Rack::Request` accepts invalid Host characters, enabling\nhost allowlist bypass.\n", "upstream": [ "CVE-2026-26961", "CVE-2026-32762", "CVE-2026-34230", "CVE-2026-34763", "CVE-2026-34785", "CVE-2026-34786", "CVE-2026-34826", "CVE-2026-34827", "CVE-2026-34829", "CVE-2026-34830", "CVE-2026-34831", "CVE-2026-34835" ], "references": [ { "type": "ADVISORY", "url": "https://advisories.mageia.org/MGASA-2026-0226.html" }, { "type": "REPORT", "url": "https://bugs.mageia.org/show_bug.cgi?id=35446" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-vgpv-f759-9wx3" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-qfgr-crr9-7r49" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-v569-hp3g-36wr" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-7mqq-6cf9-v2qp" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-h2jq-g4cq-5ppq" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-q4qf-9j86-f5mh" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-x8cg-fq8g-mxfx" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-v6x5-cg8r-vv6x" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-8vqr-qjwx-82mw" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-qv7j-4883-hwh7" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-q2ww-5357-x388" }, { "type": "ADVISORY", "url": "https://github.com/rack/rack/security/advisories/GHSA-g2pf-xv49-m2h5" } ], "affected": [ { "package": { "ecosystem": "Mageia:9", "name": "ruby-rack", "purl": "pkg:rpm/mageia/ruby-rack?arch=source&distro=mageia-9" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "2.2.23-1.mga9" } ] } ], "ecosystem_specific": { "section": "core" } } ], "credits": [ { "name": "Mageia", "type": "COORDINATOR", "contact": [ "https://wiki.mageia.org/en/Packages_Security_Team" ] } ] }