Today we release Rack 0.9.1. This release is a security release, it
only fixes directory traversal exploits in Rack::File and
Rack::Directory, dating back to Rack 0.3. Updating is highly
recommended if you use these modules.
= Rack, a modular Ruby webserver interface
Rack provides a minimal, modular and adaptable interface for developing
web applications in Ruby. By wrapping HTTP requests and responses in
the simplest way possible, it unifies and distills the API for web
servers, web frameworks, and software in between (the so-called
middleware) into a single method call.
The exact details of this are described in the Rack specification,
which all Rack applications should conform to.
- January 9th, 2009: Sixth public release 0.9.1.
- Fix directory traversal exploits in Rack::File and Rack::Directory.
== Where can I get it?
You can download Rack 0.9.1 at
Alternatively, you can checkout from the development repository with:
git clone git://github.com/rack/rack.git cd rack && git checkout rack-0.9 # for this release
== Installing with RubyGems
A Gem of Rack is available. You can install it with:
gem install rack
I also provide a local mirror of the gems (and development snapshots)
at my site:
gem install rack --source http://chneukirchen.org/releases/gems/
Please mail bugs, suggestions and patches to
Mailing list archives are available at
There is a bug tracker at http://rack.lighthouseapp.com/.
Git repository (patches rebased on master are most welcome):
You are also welcome to join the #rack channel on irc.freenode.net.
The Rack Core Team, consisting of
- Christian N. (chneukirchen)
- James T. (raggi)
- Josh P. (josh)
- Michael F. (manveru)
- Ryan T. (rtomayko)
- Scytrin dai Kinthra (scytrin)
would like to thank:
- Tom R., for finding and reporting these bugs.
Copyright © 2007, 2008, 2009 Christian N.
Rack is freely distributable under the terms of an MIT-style license.
Rack’s Rubyforge project:: http://rubyforge.org/projects/rack
Official Rack repositories:: http://github.com/rack
rack-devel mailing list:: http://groups.google.com/group/rack-devel
Happy hacking and have a nice day,
on behalf of the Rack Core Team.