ruby-lang.org

The latest news from Ruby-Lang.

CVE-2017-14064: Heap exposure vulnerability in generating JSON


~1 month ago by ruby-lang.org on ruby-lang.org.
There is a heap exposure vulnerability in JSON bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14064. Details The generate...

CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode


~1 month ago by ruby-lang.org on ruby-lang.org.
There is a buffer underrun vulnerability in OpenSSL bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14033. Details If...

Ruby 2.2.8 Released


~1 month ago by ruby-lang.org on ruby-lang.org.
Ruby 2.2.8 has been released. This release includes several security fixes. Please check the topics below for details. CVE-2017-0898: Buffer underrun...

Ruby 2.3.5 Released


~1 month ago by ruby-lang.org on ruby-lang.org.
Ruby 2.3.5 has been released. This release includes about 70 bug fixes after the previous release, and also includes several security fixes. Please check...

CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf


~1 month ago by ruby-lang.org on ruby-lang.org.
There is a buffer underrun vulnerability in the sprintf method of Kernel module. This vulnerability has been assigned the CVE identifier CVE-2017-0898.Details...

CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick


~1 month ago by ruby-lang.org on ruby-lang.org.
There is an escape sequence injection vulnerability in the Basic authentication of WEBrick bundled by Ruby. This vulnerability has been assigned the CVE...

Ruby 2.4.2 Released


~1 month ago by ruby-lang.org on ruby-lang.org.
We are pleased to announce the release of Ruby 2.4.2. This release contains some security fixes. CVE-2017-0898: Buffer underrun vulnerability in Kernel...

Multiple vulnerabilities in RubyGems


~2 months ago by ruby-lang.org on ruby-lang.org.
There are multiple vulnerabilities in RubyGems bundled by Ruby. It is reported at the official blog of RubyGems. Details The following vulnerabilities...

Nominations now being accepted for Ruby Prize 2017


3 months ago by ruby-lang.org on ruby-lang.org.
We are very pleased to announce you that Ruby Prize will be held this year! The Ruby Prize is given to recognize the efforts of remarkable activities and...

Support of Ruby 2.1 has ended


7 months ago by ruby-lang.org on ruby-lang.org.
We announce that all support of the Ruby 2.1 series has ended. After the release of Ruby 2.1.10 at the end of March of the last year, the support of the...