ruby-lang.org

The latest news from Ruby-Lang.

CVE-2017-17405: Command injection vulnerability in Net::FTP


1 day ago by ruby-lang.org on ruby-lang.org.
There is a command injection vulnerability in Net::FTP bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-17405. Details...

Ruby 2.2.9 Released


1 day ago by ruby-lang.org on ruby-lang.org.
Ruby 2.2.9 has been released. This release includes several security fixes. Please check the topics below for details. CVE-2017-17405: Command injection...

Ruby 2.3.6 Released


1 day ago by ruby-lang.org on ruby-lang.org.
Ruby 2.3.6 has been released. This release includes about 10 bug fixes after the previous release, and also includes several security fixes. Please check...

Ruby 2.4.3 Released


1 day ago by ruby-lang.org on ruby-lang.org.
Ruby 2.4.3 has been released. This release includes some bug fixes and a security fix. CVE-2017-17405: Command injection vulnerability in Net::FTPThere...

Ruby 2.5.0-rc1 Released


1 day ago by ruby-lang.org on ruby-lang.org.
We are pleased to announce the release of Ruby 2.5.0-rc1. Ruby 2.5.0-rc1 is the first preview release toward Ruby 2.5.0. It introduces some new features...

Ruby 2.5.0-preview1 Released


2 months ago by ruby-lang.org on ruby-lang.org.
We are pleased to announce the release of Ruby 2.5.0-preview1. Ruby 2.5.0-preview1 is the first preview release toward Ruby 2.5.0. It introduces some new...

CVE-2017-14064: Heap exposure vulnerability in generating JSON


3 months ago by ruby-lang.org on ruby-lang.org.
There is a heap exposure vulnerability in JSON bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14064. Details The generate...

CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode


3 months ago by ruby-lang.org on ruby-lang.org.
There is a buffer underrun vulnerability in OpenSSL bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14033. Details If...

Ruby 2.2.8 Released


3 months ago by ruby-lang.org on ruby-lang.org.
Ruby 2.2.8 has been released. This release includes several security fixes. Please check the topics below for details. CVE-2017-0898: Buffer underrun...

Ruby 2.3.5 Released


3 months ago by ruby-lang.org on ruby-lang.org.
Ruby 2.3.5 has been released. This release includes about 70 bug fixes after the previous release, and also includes several security fixes. Please check...