A new Debian Linux update has been published: ELA-787-1 ruby-sinatra security update
A ruby-sinatra security update has been released for Debian GNU/Linux 9 Extended LTS to address a vulnerability where a reflected file download (RFD) attack sets the Content-Disposition header of a response when the filename is derived from user-supplied input.Read more @ Linux Compatible