February 2013 Archives

We are pleased to announce the release of Ruby 2.0.0-p0.

Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently.

Unrestricted entity expansion can lead to a DoS vulnerability in REXML. This vulnerability has been assigned the CVE identifier CVE-2013-1821. We strongly recommend to upgrade ruby.

There is a denial of service and unsafe object creation vulnerability in the json bundled with ruby. This vulnerability has been assigned the CVE identifier CVE-2013-0269. We strongly recommend to upgrade ruby.

Barcelona Ruby Conference is a conference that takes place in the heart of Catalunya, Spain this September 14-15. Starring world-class speakers as Aaron Patterson (rails and ruby core), David Chelimsky (The RSpec book author, RSpec core member), Charles Nutter (JRuby maintainer), Sandi Metz (Practical Object-Oriented Design in Ruby author) or Yukihiro Matz (the Ruby language creator), among others.

The Ruby Hero Awards are now accepting nominations and we need your help to find people in our community who thanklessly help others and perhaps don’t get the recognition they deserve. This could be someone who contributes to ruby open source software you’ve found useful in the past year, could be an educator, or maybe someone who’s helped organize Ruby events.

Ruby 2.0.0-rc2 is released. This will be the last release candidate of Ruby 2.0.0.

Now Ruby 1.9.3-p385 is released.

RDoc documentation generated by rdoc bundled with ruby are vulnerable to an XSS exploit. All ruby users are recommended to update ruby to newer version which includes security-fixed RDoc. If you are publishing RDoc documentation generated by rdoc, you are recommended to apply a patch for the documentation or re-generate it with security-fixed RDoc.