CVE-2017-14064: Heap exposure vulnerability in generating JSON


over 1 year ago by ruby-lang.org on ruby-lang.org.
There is a heap exposure vulnerability in JSON bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14064. Details The generate...

CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode


over 1 year ago by ruby-lang.org on ruby-lang.org.
There is a buffer underrun vulnerability in OpenSSL bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14033. Details If...

Ruby 2.2.8 Released


over 1 year ago by ruby-lang.org on ruby-lang.org.
Ruby 2.2.8 has been released. This release includes several security fixes. Please check the topics below for details. CVE-2017-0898: Buffer underrun...

Ruby 2.3.5 Released


over 1 year ago by ruby-lang.org on ruby-lang.org.
Ruby 2.3.5 has been released. This release includes about 70 bug fixes after the previous release, and also includes several security fixes. Please check...

CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf


over 1 year ago by ruby-lang.org on ruby-lang.org.
There is a buffer underrun vulnerability in the sprintf method of the Kernel module. This vulnerability has been assigned the CVE identifier CVE-2017-0898. Details...

CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick


over 1 year ago by ruby-lang.org on ruby-lang.org.
There is an escape sequence injection vulnerability in the Basic authentication of WEBrick bundled by Ruby. This vulnerability has been assigned the CVE...

Ruby 2.4.2 Released


over 1 year ago by ruby-lang.org on ruby-lang.org.
We are pleased to announce the release of Ruby 2.4.2. This release contains some security fixes. CVE-2017-0898: Buffer underrun vulnerability in Kernel...

Multiple vulnerabilities in RubyGems


over 1 year ago by ruby-lang.org on ruby-lang.org.
There are multiple vulnerabilities in RubyGems bundled by Ruby. It is reported at the official blog of RubyGems. Details The following vulnerabilities...

Nominations now being accepted for Ruby Prize 2017


over 1 year ago by ruby-lang.org on ruby-lang.org.
We are very pleased to announce that Ruby Prize will be held this year! The Ruby Prize is given to recognize the efforts of remarkable activities and...

8 things I look for in a Ruby on Rails app


over 1 year ago by Robby Russell on Robby on Rails.
As a consultant, I’ve looked over a shitload (how many? probably ~150-200) over the last 12 1/2 years in the Ruby on Rails community. I haven’...