Ruby 1.9.3-p429 is released

Ruby 1.9.3-p429 is now released. We released p426 a few hours earlier, but it had build problems on some platforms. Please use p429 instead.

Ruby 2.0.0-p195 is released

Ruby 2.0.0-p195 is released. This is the first patchlevel release of 2.0.0.

Object taint bypassing in DL and Fiddle in Ruby (CVE-2013-2065)

There is a vulnerability in DL and Fiddle in Ruby where tainted strings can be used by system calls regardless of the $SAFE level set in Ruby. This vulnerability has been assigned the CVE identifier CVE-2013-2065.

Ruby 2.0.0-p0 is released

We are pleased to announce the release of Ruby 2.0.0-p0.

Ruby 1.9.3-p392 is released

Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently.

Entity expansion DoS vulnerability in REXML (XML bomb, CVE-2013-1821)

Unrestricted entity expansion can lead to a DoS vulnerability in REXML. This vulnerability has been assigned the CVE identifier CVE-2013-1821. We strongly recommend upgrading Ruby.

Denial of Service and Unsafe Object Creation Vulnerability in JSON (CVE-2013-0269)

There is a denial of service and unsafe object creation vulnerability in the json bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2013-0269. We strongly recommend upgrading Ruby.

The Barcelona Ruby Conference Call for Papers is Open

Barcelona Ruby Conference is a conference that takes place in the heart of Catalunya, Spain, this September 14-15. It stars world-class speakers such as Aaron Patterson (Rails and Ruby core), David Chelimsky (The RSpec Book author, RSpec core member), Charles Nutter (JRuby maintainer), Sandi Metz (Practical Object-Oriented Design in Ruby author) and Yukihiro Matz (the Ruby language creator), among others.

The 2013 Ruby Hero Awards

The Ruby Hero Awards are now accepting nominations and we need your help to find people in our community who thanklessly help others and perhaps don’t get the recognition they deserve. This could be someone who contributes to ruby open source software you’ve found useful in the past year, could be an educator, or maybe someone who’s helped organize Ruby events.

Ruby 2.0.0-rc2 is released

Ruby 2.0.0-rc2 is released. This will be the last release candidate of Ruby 2.0.0.

Ruby 1.9.3-p385 is released

Now Ruby 1.9.3-p385 is released.

XSS exploit of RDoc documentation generated by rdoc (CVE-2013-0256)

RDoc documentation generated by the rdoc bundled with Ruby is vulnerable to an XSS exploit. All Ruby users are recommended to update Ruby to a newer version which includes the security-fixed RDoc. If you are publishing RDoc documentation generated by rdoc, you are recommended to apply a patch to the documentation or re-generate it with the security-fixed RDoc.

ConFoo with Ruby in Montreal

If you have never heard of ConFoo, it is one of the most important developer-oriented conferences. The team brings 100 speakers from around the globe to share their hands-on experience with various web technologies. The best news is: it’s driven by the community and is non-profit!

Ruby 1.9.3-p374 is released

Now Ruby 1.9.3-p374 is released.
