Carefully crafted requests can cause a ‘SystemStackError’ and potentially cause a denial of service attack. All users running an affected release should either upgrade or use one of the workarounds immediately (listed in the references below).
lists.fedoraproject.org/pipermail/package-announce/2015-August/164173.html
lists.fedoraproject.org/pipermail/package-announce/2015-August/165180.html
lists.opensuse.org/opensuse-updates/2015-07/msg00040.html
lists.opensuse.org/opensuse-updates/2015-07/msg00043.html
lists.opensuse.org/opensuse-updates/2015-07/msg00044.html
openwall.com/lists/oss-security/2015/06/16/14
rhn.redhat.com/errata/RHSA-2015-2290.html
www.debian.org/security/2015/dsa-3322
www.securityfocus.com/bid/75232
access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.2_Release_Notes/index.html
access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/High_Availability_Add-On_Reference/
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1121791
bugzilla.redhat.com/show_bug.cgi?id=1134426
bugzilla.redhat.com/show_bug.cgi?id=1148863
bugzilla.redhat.com/show_bug.cgi?id=1158491
bugzilla.redhat.com/show_bug.cgi?id=1158537
bugzilla.redhat.com/show_bug.cgi?id=1158571
bugzilla.redhat.com/show_bug.cgi?id=1163671
bugzilla.redhat.com/show_bug.cgi?id=1163682
bugzilla.redhat.com/show_bug.cgi?id=1165803
bugzilla.redhat.com/show_bug.cgi?id=1166160
bugzilla.redhat.com/show_bug.cgi?id=1170205
bugzilla.redhat.com/show_bug.cgi?id=1175400
bugzilla.redhat.com/show_bug.cgi?id=1176687
bugzilla.redhat.com/show_bug.cgi?id=1182119
bugzilla.redhat.com/show_bug.cgi?id=1182793
bugzilla.redhat.com/show_bug.cgi?id=1182986
bugzilla.redhat.com/show_bug.cgi?id=1183752
bugzilla.redhat.com/show_bug.cgi?id=1185096
bugzilla.redhat.com/show_bug.cgi?id=1186692
bugzilla.redhat.com/show_bug.cgi?id=1187320
bugzilla.redhat.com/show_bug.cgi?id=1187571
bugzilla.redhat.com/show_bug.cgi?id=1188571
bugzilla.redhat.com/show_bug.cgi?id=1189857
bugzilla.redhat.com/show_bug.cgi?id=1196412
bugzilla.redhat.com/show_bug.cgi?id=1197758
bugzilla.redhat.com/show_bug.cgi?id=1198222
bugzilla.redhat.com/show_bug.cgi?id=1198265
bugzilla.redhat.com/show_bug.cgi?id=1198274
bugzilla.redhat.com/show_bug.cgi?id=1198640
bugzilla.redhat.com/show_bug.cgi?id=1199073
bugzilla.redhat.com/show_bug.cgi?id=1202457
bugzilla.redhat.com/show_bug.cgi?id=1204880
bugzilla.redhat.com/show_bug.cgi?id=1205653
bugzilla.redhat.com/show_bug.cgi?id=1206214
bugzilla.redhat.com/show_bug.cgi?id=1206219
bugzilla.redhat.com/show_bug.cgi?id=1207805
bugzilla.redhat.com/show_bug.cgi?id=1212904
bugzilla.redhat.com/show_bug.cgi?id=1213429
bugzilla.redhat.com/show_bug.cgi?id=1215198
bugzilla.redhat.com/show_bug.cgi?id=1219574
bugzilla.redhat.com/show_bug.cgi?id=1231987
bugzilla.redhat.com/show_bug.cgi?id=1235022
bugzilla.redhat.com/show_bug.cgi?id=1247818
bugzilla.redhat.com/show_bug.cgi?id=1250720
bugzilla.redhat.com/show_bug.cgi?id=1253491
bugzilla.redhat.com/show_bug.cgi?id=1257369
bugzilla.redhat.com/show_bug.cgi?id=1258619
bugzilla.redhat.com/show_bug.cgi?id=1265425
bugzilla.redhat.com/show_bug.cgi?id=1268801
github.com/rack/rack/blob/master/HISTORY.md
groups.google.com/forum/message/raw?msg=rubyonrails-security/gcUbICUmKMc/qiCotVZwXrMJ
rhn.redhat.com/errata/RHSA-2015-2290.html