CVE-2017-14064: Heap exposure vulnerability in generating JSON


~1 month ago by ruby-lang.org on ruby-lang.org.
There is a heap exposure vulnerability in JSON bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14064. Details The generate...

CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode


~1 month ago by ruby-lang.org on ruby-lang.org.
There is a buffer underrun vulnerability in OpenSSL bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14033. Details If...

Ruby 2.2.8 Released


~1 month ago by ruby-lang.org on ruby-lang.org.
Ruby 2.2.8 has been released. This release includes several security fixes. Please check the topics below for details. CVE-2017-0898: Buffer underrun...

Ruby 2.3.5 Released


~1 month ago by ruby-lang.org on ruby-lang.org.
Ruby 2.3.5 has been released. This release includes about 70 bug fixes after the previous release, and also includes several security fixes. Please check...

CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf


~1 month ago by ruby-lang.org on ruby-lang.org.
There is a buffer underrun vulnerability in the sprintf method of Kernel module. This vulnerability has been assigned the CVE identifier CVE-2017-0898.Details...

CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick


~1 month ago by ruby-lang.org on ruby-lang.org.
There is an escape sequence injection vulnerability in the Basic authentication of WEBrick bundled by Ruby. This vulnerability has been assigned the CVE...

Ruby 2.4.2 Released


~1 month ago by ruby-lang.org on ruby-lang.org.
We are pleased to announce the release of Ruby 2.4.2. This release contains some security fixes. CVE-2017-0898: Buffer underrun vulnerability in Kernel...

Multiple vulnerabilities in RubyGems


~2 months ago by ruby-lang.org on ruby-lang.org.
There are multiple vulnerabilities in RubyGems bundled by Ruby. It is reported at the official blog of RubyGems. Details The following vulnerabilities...

Nominations now being accepted for Ruby Prize 2017


3 months ago by ruby-lang.org on ruby-lang.org.
We are very pleased to announce you that Ruby Prize will be held this year! The Ruby Prize is given to recognize the efforts of remarkable activities and...

8 things I look for in a Ruby on Rails app


4 months ago by Robby Russell on Robby on Rails.
As a consultant, I’ve looked over a shitload (how many? probably ~150-200) over the last 12 1/2 years in the Ruby on Rails community. I haven&#8217...