October 2019 Archives

Ruby 2.7.0-preview2 Released

We are pleased to announce the release of Ruby 2.7.0-preview2.

Continue Reading...

2020 Fukuoka Ruby Award Competition - Entries to be judged by Matz

Dear Ruby Enthusiasts,

Continue Reading...

Ruby 2.4.9 Released

Ruby 2.4.9 has been released.

Continue Reading...

CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication

Regular expression denial of service vulnerability of WEBrick’s Digest authentication module was found. An attacker can exploit this vulnerability to cause an effective denial of service against a WEBrick service.

Continue Reading...

Ruby 2.6.5 Released

Ruby 2.6.5 has been released.

Continue Reading...

Ruby 2.5.7 Released

Ruby 2.5.7 has been released.

Continue Reading...

Ruby 2.4.8 Released

Ruby 2.4.8 has been released.

Continue Reading...

CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?

A NUL injection vulnerability of Ruby built-in methods (File.fnmatch and File.fnmatch?) was found. An attacker who has the control of the path pattern parameter could exploit this vulnerability to make path matching pass despite the intention of the program author. CVE-2019-15845 has been assigned to this vulnerability.

Continue Reading...

CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)

There is an HTTP response splitting vulnerability in WEBrick bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2019-16254.

Continue Reading...

CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test

A code injection vulnerability of Shell#[] and Shell#test in a standard library (lib/shell.rb) was found. The vulnerability has been assigned the CVE identifier CVE-2019-16255.

Continue Reading...

<< Back to 2019 Archives