There is a DoS vulnerability in the REXML library included in the Ruby
Standard Library. A so-called "XML entity explosion" attack technique
can be used for remotely bringing down (disabling) any application which
parses user-provided XML using REXML.
Posted by Shugo Maeda on 23 Aug 2008
Ruby 1.8.7-p72 and 1.8.6-p287 have been released. The last releases were
incomplete, and the new releases include fixes of the previously
announced vulnerability of dl.
Posted by Shugo Maeda on 11 Aug 2008
Multiple vulnerabilities have been discovered in Ruby. It's recommended
that you upgrade to the latest versions.
Posted by Shugo Maeda on 8 Aug 2008
RubyConf 2008 will be held in Orlando, Florida, USA, from November
6 to November 8.
Posted by james on 4 Aug 2008