2009 Archives

Ruby 1.8.7-p248 released

We now have a series of patches to fix various bugs against 1.8.7 so I (Urabe Shyouhei) decided to release them. Here they are.

Posted by Urabe Shyouhei on 25 Dec 2009

Ruby 1.9.1-p376 is released

Ruby 1.9.1-p376 just has been released. This is a patch level release of Ruby 1.9.1 and includes the fix of CVE-2009-4124.

Posted by Yugui on 7 Dec 2009

Heap overflow in String (CVE-2009-4124)

There is a heap overflow vulnerability in String#ljust, String#center and String#rjust. This has allowed an attacker to run arbitrary code in some rare cases.

Posted by Yugui on 7 Dec 2009

MountainWest RubyConf 2010

MountainWest RubyConf 2010 will be held March 11 and 12, 2010, in Salt Lake City, UT, USA.

Posted by james on 3 Dec 2009

RubyWorld Conference

The RubyWorld Conference will be held at the Shimane Prefectural Convention Center “Kunibiki Messe”, Shimane Prefecture, during September 7th – 8th , 2009.

Posted by Shugo Maeda on 4 Sep 2009

Call for Proposals for RubyConf 2009

The Call for Proposals for presenting at RubyConf 2009 is now open.

Posted by james on 3 Aug 2009

Ruby 1.9.2 preview 1 released

Ruby 1.9.2 preview 1 has been released.

Posted by Yugui on 20 Jul 2009

Ruby 1.9.1-p243 released

Ruby 1.9.1-p243 has been released.

Posted by Yugui on 20 Jul 2009

DoS vulnerability in BigDecimal

A denial of service (DoS) vulnerability was found on the BigDecimal standard library of Ruby. Conversion from BigDecimal objects into Float numbers had a problem which enables attackers to effectively cause segmentation faults.

Posted by Urabe Shyouhei on 9 Jun 2009

Ruby 1.8.6 maintenance moved to Engine Yard

Recently we have a welcome, historic development that the Ruby 1.8.6's maintenance stewardship moved from me (Urabe Shyouhei) to Kirk Haines of Engine Yard.

Posted by Urabe Shyouhei on 23 May 2009