A librack-ruby security update has been released for Debian 6 LTS
Package : librack-ruby
Version : 1.1.0-4+squeeze3
CVE ID : CVE-2015-3225
There is a potential denial of service vulnerability in Rack, a modular
Ruby webserver interface.
Carefully crafted requests can cause a `SystemStackError` and cause a
denial of service attack by exploiting the lack of a sensible depth
check when doing parameter normalization.
We recommend that you update your librack-ruby packages.