Ruby 1.9.3-p429 is released

Now Ruby 1.9.3-p429 is released. We once released p426 some hours before, but it had build problems on some platforms. Use this p429 instead, please....

Ruby 2.0.0-p195 is released

Ruby 2.0.0-p195 is released. This is the first patchlevel release of 2.0.0. This release includes a security fix of Ruby DL / Fiddle extension. Object...

Object taint bypassing in DL and Fiddle in Ruby (CVE-2013-2065)

There is a vulnerability in DL and Fiddle in Ruby where tainted strings can be used by system calls regardless of the $SAFE level set...

Ruby 2.0.0-p0 is released

We are pleased to announce the release of Ruby 2.0.0-p0. Ruby 2.0.0 is the first stable release of the Ruby 2.0 series, with many new...

Ruby 1.9.3-p392 is released

Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently. This release includes security fixes about bundled JSON and REXML. Denial of Service and...

Entity expansion DoS vulnerability in REXML (XML bomb, CVE-2013-1821)

Unrestricted entity expansion can lead to a DoS vulnerability in REXML. This vulnerability has been assigned the CVE identifier CVE-2013-1821. We strongly recommend to upgrade...

Denial of Service and Unsafe Object Creation Vulnerability in JSON (CVE-2013-0269)

There is a denial of service and unsafe object creation vulnerability in the json bundled with ruby. This vulnerability has been assigned the CVE identifier...

The Barcelona Ruby Conference Call for Papers is Open

Barcelona Ruby Conference is a conference that takes place in the heart of Catalunya, Spain this September 14-15. Starring world-class speakers as Aaron Patterson (rails...

The 2013 Ruby Hero Awards

The Ruby Hero Awards are now accepting nominations and we need your help to find people in our community who thanklessly help others and perhaps...

Ruby 2.0.0-rc2 is released

Ruby 2.0.0-rc2 is released. This will be the last release candidate of Ruby 2.0.0. Please give it a try, and report any issue if you...

Ruby 1.9.3-p385 is released

Now Ruby 1.9.3-p385 is released. This release includes a security fix about bundled RDoc. See this page for details. And some small bugfixes are also...

XSS exploit of RDoc documentation generated by rdoc (CVE-2013-0256)

RDoc documentation generated by rdoc bundled with Ruby is vulnerable to an XSS exploit. All Ruby users are recommended to update Ruby to a newer version...

ConFoo with Ruby in Montreal

If you have never heard of ConFoo, it is one of the most important developer-oriented conferences. The team brings 100 speakers from around the globe...

Ruby 1.9.3-p374 is released

Now Ruby 1.9.3-p374 is released. This release includes many bug fixes. Especially: fixed a random SEGV problem (often reported with Rails); Windows 8 support (maybe, hopefully)...
