2017 Archives

Dear Ruby Enthusiasts,

We are pleased to announce the release of Ruby 2.5.0.

Ruby 2.3.6 has been released.

Ruby 2.2.9 has been released. This release includes several security fixes. Please check the topics below for details.

There is a command injection vulnerability in Net::FTP bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-17405.

We are pleased to announce the release of Ruby 2.5.0-rc1.

Ruby 2.4.3 has been released.

We are pleased to announce the release of Ruby 2.5.0-preview1.

There is an escape sequence injection vulnerability in the Basic authentication of WEBrick bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-10784.

There is a buffer underrun vulnerability in the sprintf method of Kernel module. This vulnerability has been assigned the CVE identifier CVE-2017-0898.

Ruby 2.3.5 has been released.

Ruby 2.2.8 has been released. This release includes several security fixes. Please check the topics below for details.

There is a buffer underrun vulnerability in OpenSSL bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14033.

There is a heap exposure vulnerability in JSON bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14064.

We are pleased to announce the release of Ruby 2.4.2. This release contains some security fixes.

There are multiple vulnerabilities in RubyGems bundled by Ruby. It is reported at the official blog of RubyGems.

We are very pleased to announce you that Ruby Prize will be held this year!

We announce that all support of the Ruby 2.1 series has ended.

Ruby 2.3.4 has been released.

Ruby 2.2.7 has been released.

We are pleased to announce the release of Ruby 2.4.1. This is the first TEENY version release of the stable 2.4 series.