README.rdoc in rack-1.4.7 vs README.rdoc in rack-1.5.0.beta.1

- old
+ new

@@ -27,10 +27,11 @@ * Fuzed * Glassfish v3 * Phusion Passenger (which is mod_rack for Apache and for nginx) * Puma * Rainbows! +* Reel * Unicorn * unixrack * uWSGI * Zbatery @@ -40,10 +41,11 @@ == Supported web frameworks These frameworks include Rack adapters in their distributions: * Camping * Coset +* Espresso * Halcyon * Mack * Maveric * Merb * Racktools::SimpleApplication @@ -55,13 +57,10 @@ * Vintage * Waves * Wee * ... and many others. -Current links to these projects can be found at -http://wiki.ramaze.net/Home#other-frameworks - == Available middleware Between the server and the framework, Rack can be customized to your applications needs using middleware, for example: * Rack::URLMap, to route to multiple applications inside the same process. @@ -477,40 +476,13 @@ * Security: Prevent unbounded reads in large multipart boundaries * January 7th, 2013: Thirty first public release 1.4.3 * Security: Prevent unbounded reads in large multipart boundaries -* January 13th, 2013: Thirty second public release 1.4.4, 1.3.9, 1.2.7, 1.1.5 - * [SEC] Rack::Auth::AbstractRequest no longer symbolizes arbitrary strings - * Fixed erroneous test case in the 1.3.x series - -* February 7th, Thirty fifth public release 1.1.6, 1.2.8, 1.3.10 - * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie - -* February 7th, Thirty fifth public release 1.4.5 - * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie - * Fix CVE-2013-0262, symlink path traversal in Rack::File - -* February 7th, Thirty fifth public release 1.5.2 - * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie - * Fix CVE-2013-0262, symlink path traversal in Rack::File - * Add various methods to Session for enhanced Rails compatibility - * Request#trusted_proxy? now only matches whole stirngs - * Add JSON cookie coder, to be default in Rack 1.6+ due to security concerns - * URLMap host matching in environments that don't set the Host header fixed - * Fix a race condition that could result in overwritten pidfiles - * Various documentation additions - == Contact Please post bugs, suggestions and patches to the bug tracker at <http://github.com/rack/rack/issues>. - -Please post security related bugs and suggestions to the core team at -<https://groups.google.com/group/rack-core> or rack-core@googlegroups.com. Due -to wide usage of the library, it is strongly preferred that we manage timing in -order to provide viable patches at the time of disclosure. Your assistance in -this matter is greatly appreciated. Mailing list archives are available at <http://groups.google.com/group/rack-devel>. Git repository (send Git patches to the mailing list):