ruby-lang.org

The latest news from Ruby-Lang.

CVE-2017-14064: Heap exposure vulnerability in generating JSON


10 months ago by ruby-lang.org on ruby-lang.org.
There is a heap exposure vulnerability in JSON bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14064. Details The generate...

CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode


10 months ago by ruby-lang.org on ruby-lang.org.
There is a buffer underrun vulnerability in OpenSSL bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14033. Details If...

Ruby 2.2.8 Released


10 months ago by ruby-lang.org on ruby-lang.org.
Ruby 2.2.8 has been released. This release includes several security fixes. Please check the topics below for details. CVE-2017-0898: Buffer underrun...

Ruby 2.3.5 Released


10 months ago by ruby-lang.org on ruby-lang.org.
Ruby 2.3.5 has been released. This release includes about 70 bug fixes after the previous release, and also includes several security fixes. Please check...

CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf


10 months ago by ruby-lang.org on ruby-lang.org.
There is a buffer underrun vulnerability in the sprintf method of Kernel module. This vulnerability has been assigned the CVE identifier CVE-2017-0898.Details...

CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick


10 months ago by ruby-lang.org on ruby-lang.org.
There is an escape sequence injection vulnerability in the Basic authentication of WEBrick bundled by Ruby. This vulnerability has been assigned the CVE...

Ruby 2.4.2 Released


10 months ago by ruby-lang.org on ruby-lang.org.
We are pleased to announce the release of Ruby 2.4.2. This release contains some security fixes. CVE-2017-0898: Buffer underrun vulnerability in Kernel...

Multiple vulnerabilities in RubyGems


11 months ago by ruby-lang.org on ruby-lang.org.
There are multiple vulnerabilities in RubyGems bundled by Ruby. It is reported at the official blog of RubyGems. Details The following vulnerabilities...

Nominations now being accepted for Ruby Prize 2017


12 months ago by ruby-lang.org on ruby-lang.org.
We are very pleased to announce you that Ruby Prize will be held this year! The Ruby Prize is given to recognize the efforts of remarkable activities and...

Support of Ruby 2.1 has ended


over 1 year ago by ruby-lang.org on ruby-lang.org.
We announce that all support of the Ruby 2.1 series has ended. After the release of Ruby 2.1.10 at the end of March of the last year, the support of the...