ruby-rack-session vulnerability
SeungMyung Lee discovered that Rack::Session did not properly reject cookies upon decryption failure. A remote attacker could use this issue to manipulate session contents and possibly gain unauthorized access.
2.1.1-0.1ubuntu0.1