[DRE-maint] Bug#1033326: ruby-rails: Rails app using development environment blocks all access with 'Blocked host'
Max Maton
info at maxmaton.nl
Wed Mar 22 17:20:17 GMT 2023
Package: ruby-rails
Version: 2:6.0.3.7+dfsg-2+deb11u1
Severity: important
X-Debbugs-Cc: info at maxmaton.nl, team at security.debian.org
Dear Maintainer,
Using rails 2:6.0.3.7+dfsg-2+deb11u1 we can no longer run our app using
`RAILS_ENV=development rails s`.
Curling the server (`curl http://127.0.0.1:3000`) results in an error
message:
Blocked host: 127.0.0.1
To allow requests to 127.0.0.1, add the following to your environment configuration:
config.hosts << "127.0.0.1"
Adding this configuration setting does not allow connections to go
through. Running the curl command using the package in bullseye works.
I was able to find this online but I'm not sure if it's related: https://rubyonrails.org/2021/12/15/Rails-6-0-4-4-and-6-1-4-4-have-been-released
Changelog: https://github.com/rails/rails/compare/v6.0.4.3...v6.0.4.4#diff-401b1f2d4b94c52328880f3baca952f374f24903245327fc4c4527d6d5655a0c
Best regards,
Max Maton
-- System Information:
Debian Release: 11.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-10-amd64 (SMP w/1 CPU thread)
Locale: LANG=en_US.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages ruby-rails depends on:
ii ruby-actioncable 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-actionmailbox 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-actionmailer 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-actionpack 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-actiontext 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-actionview 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-activejob 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-activemodel 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-activerecord 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-activestorage 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-activesupport 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-bundler 2.2.5-2
ii ruby-railties 2:6.0.3.7+dfsg-2+deb11u1
ii ruby-sprockets-rails 3.2.1-1
ruby-rails recommends no packages.
ruby-rails suggests no packages.
-- no debconf information
More information about the Pkg-ruby-extras-maintainers
mailing list