Ruby 2.5.0-preview1 Released
We are pleased to announce the release of Ruby 2.5.0-preview1.
Posted by naruse on 10 Oct 2017
CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick
There is an escape sequence injection vulnerability in the Basic authentication of WEBrick bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-10784.
Posted by usa on 14 Sep 2017
CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
There is a buffer underrun vulnerability in the sprintf method of Kernel module.
This vulnerability has been assigned the CVE identifier CVE-2017-0898.
Posted by usa on 14 Sep 2017
Ruby 2.2.8 Released
Ruby 2.2.8 has been released. This release includes several security fixes. Please check the topics below for details.
Posted by usa on 14 Sep 2017
CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
There is a buffer underrun vulnerability in OpenSSL bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14033.
Posted by usa on 14 Sep 2017
CVE-2017-14064: Heap exposure vulnerability in generating JSON
There is a heap exposure vulnerability in JSON bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14064.
Posted by usa on 14 Sep 2017
Ruby 2.4.2 Released
We are pleased to announce the release of Ruby 2.4.2. This release contains some security fixes.
Posted by nagachika on 14 Sep 2017
Multiple vulnerabilities in RubyGems
There are multiple vulnerabilities in RubyGems bundled by Ruby. It is reported at the official blog of RubyGems.
Posted by usa on 29 Aug 2017
Nominations now being accepted for Ruby Prize 2017
We are very pleased to announce you that Ruby Prize will be held this year!
Posted by Ruby Association on 21 Jul 2017