ruby-lang.org

The latest news from Ruby-Lang.

A brand-new ruby-lang.org has been released


over 4 years ago by ruby-lang.org on ruby-lang.org.
On behalf of the Ruby community, we are pleased to announce to you that a brand-new ruby-lang.org is now live! Ruby’s official website has stalled over...

Ruby 1.9.3-p429 is released


over 4 years ago by ruby-lang.org on ruby-lang.org.
Now Ruby 1.9.3-p429 is released. We once released p426 some hours before, but it had build problems on some platforms. Use this p429 instead, please. This...

Ruby 1.9.3-p429 is released


over 4 years ago by ruby-lang.org on ruby-lang.org.
Now Ruby 1.9.3-p429 is released. We once released p426 some hours before, but it had build problems on some platforms. Use this p429 instead, please. This...

Ruby 2.0.0-p195 is released


over 4 years ago by ruby-lang.org on ruby-lang.org.
Ruby 2.0.0-p195 is released. This is the first patchlevel release of 2.0.0. This release includes a security fix of Ruby DL / Fiddle extension. Object...

Ruby 1.9.3-p426 is released


over 4 years ago by ruby-lang.org on ruby-lang.org.
Now Ruby 1.9.3-p426 is released. This release includes a security fix about bundled DL / Fiddle. Object taint bypassing in DL and Fiddle in Ruby (CVE-2013-2065...

Ruby 2.0.0-p195 is released


over 4 years ago by ruby-lang.org on ruby-lang.org.
Ruby 2.0.0-p195 is released. This is the first patchlevel release of 2.0.0. This release includes a security fix of Ruby DL / Fiddle extension. Object...

Object taint bypassing in DL and Fiddle in Ruby (CVE-2013-2065)


over 4 years ago by ruby-lang.org on ruby-lang.org.
There is a vulnerability in DL and Fiddle in Ruby where tainted strings can be used by system calls regardless of the $SAFE level set in Ruby. This vulnerability...

Ruby 2.0.0-p0 is released


almost 5 years ago by ruby-lang.org on ruby-lang.org.
We are pleased to announce the release of Ruby 2.0.0-p0. Ruby 2.0.0 is the first stable release of the Ruby 2.0 series, with many new features and improvements...

Ruby 1.9.3-p392 is released


almost 5 years ago by ruby-lang.org on ruby-lang.org.
Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently. This release includes security fixes about bundled JSON and REXML. Denial...

Entity expansion DoS vulnerability in REXML (XML bomb)


almost 5 years ago by ruby-lang.org on ruby-lang.org.
Unrestricted entity expansion can lead to a DoS vulnerability in REXML. This vulnerability has been assigned the CVE identifier CVE-2013-1821. We strongly...