Ruby 1.9.1-p376 is released
Posted by Yugui on 7 Dec 2009
Ruby 1.9.1-p376 just has been released. This is a patch level release of Ruby 1.9.1 and includes the fix of CVE-2009-4124.
CVE-2009-4124
The previous release, Ruby 1.9.1-p243 has a security vulnerability that allows heap overflow. This vulnerability was found by Emmanouel Kellinis, KPMG London.
I recommend all Ruby 1.9.1 users to upgrade to p376. But the vulnerability does not affect Ruby 1.8 series.
Other fixes
In addition, 1.9.1-p376 includes > 100 bug fixes.
- Irb extension commands had been broken. It was fixed.
- Ripper had not been able to parse some Ruby codes. It was fixed.
- Fixed build failures on AIX.
- Some bug fixes of Matrix.
- Can load gems which is installed in an user's home directory.
- Some method became returning a string with a correct encoding.
See the ChangeLog for more detail.
Location
-
- <URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p376.tar.bz2>
- SIZE
- 7293106 bytes
- MD5
- e019ae9c643c5efe91be49e29781fb94
- SHA256
- 79164e647e23bb7c705195e0075ce6020c30dd5ec4f8c8a12a100fe0eb0d6783
-
- <URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p376.tar.gz>
- SIZE
- 9073007 bytes
- MD5
- ebb20550a11e7f1a2fbd6fdec2a3e0a3
- SHA256
- 58b8fc1645283fcf3d5be195dffcaf55b7c85cbc210074273b57b835409b21ca
-
- <URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p376.zip>
- SIZE
- 10337871 bytes
- MD5
- d4d5e62f65cb92a281f1569a7f25371b
- SHA256
- 486d3efdab269040ce7142964ba3a4e0d46f0a5b812136bcac7e5bafc726c14e
Recent News
Ruby 4.0.5 Released
Ruby 4.0.5 has been released.
Posted by k0kubun on 20 May 2026
Ruby 4.0.4 Released
Ruby 4.0.4 has been released.
Posted by k0kubun on 11 May 2026
Ruby 4.0.3 Released
Ruby 4.0.3 has been released.
Posted by k0kubun on 21 Apr 2026
Ruby 3.2.11 Released
Ruby 3.2.11 has been released. This release includes an update to the zlib gem addressing CVE-2026-27820.
Posted by hsbt on 27 Mar 2026