Ruby 2.2.10 Released
Posted by usa on 28 Mar 2018
Ruby 2.2.10 has been released. This release includes several security fixes. Please check the topics below for details.
- CVE-2017-17742: HTTP response splitting in WEBrick
- CVE-2018-8777: DoS by large request in WEBrick
- CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
- CVE-2018-8778: Buffer under-read in String#unpack
- CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
- CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
- Multiple vulnerabilities in RubyGems
Ruby 2.2 is under the state of the security maintenance phase, until the end of the March of 2018. After the date, maintenance of Ruby 2.2 will be ended. So, this release is expected to be the last release of Ruby 2.2. We will never make a new release of Ruby 2.2 unless Ruby 2.2.10 has a serious regression bug. We recommend you migrating to newer versions of Ruby, such as 2.5.
Download
-
https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.tar.bz2
SIZE: 13365461 bytes SHA1: 72ee1dcfd96199d2c3092b77db7a7f439c0abd08 SHA256: a54204d2728283c9eff0cf81d654f245fa5b3447d0824f1a6bc3b2c5c827381e SHA512: f8ec96c2a5f4ecf22052ee0b1029989ded52d7bf5d41be24fef67e732e76f72119302240bca08f0547510a9cd29e941a32e263cad9c8a2bf80023d6bc97b2373 -
https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.tar.gz
SIZE: 16694179 bytes SHA1: b0207c861f3fa41cbe4909ecb89bd2fcac81fe7c SHA256: cd51019eb9d9c786d6cb178c37f6812d8a41d6914a1edaf0050c051c75d7c358 SHA512: 051124922240d2e20e74903b9c629fa897279072d2aa9b0a4e3a02331b843fa9c97c16e7073d6faec1b9f2024c3a7e36346014c30eee256f0715c5de226b5db8 -
https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.tar.xz
SIZE: 10508612 bytes SHA1: c46737f81df819c3d7423df5c644431b3fcb8fee SHA256: bf77bcb7e6666ccae8d0882ea12b05f382f963f0a9a5285a328760c06a9ab650 SHA512: 1f35458f2b1c334e64aecf42cd1df3b223fef119b6ad23394285d9f2e72da26b3ba5418950694c4a8c0b4afc43672f78459f2f7281a595cff0967eb239662ae4 -
https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.zip
SIZE: 18540424 bytes SHA1: 0f4b9c6695d000cb456fe8b89f8bf6d42fb95069 SHA256: 6933eb989afb1b916c438d8eeecff1cfb0a6569c07e7190beca56b10b822207a SHA512: dfaa9a76170b0eed9cb2bf41178f2193dd3428492413b1616aaabd67ec35b9b7705b422b0fdfe38b18a1800bbce3ba161b53d229d307ea7f5c0269ef3d031980
Release Comment
Thanks to everyone who reported vulnerabilities, fixed the vulnerabilities and helped with this release.
Recent News
Ruby 4.0.0 Released
We are pleased to announce the release of Ruby 4.0.0. Ruby 4.0 introduces “Ruby Box” and “ZJIT”, and adds many improvements.
Posted by naruse on 25 Dec 2025
A New Look for Ruby's Documentation
Following the ruby-lang.org redesign, we have more news to celebrate Ruby’s 30th anniversary: docs.ruby-lang.org has a completely new look with Aliki—RDoc’s new default theme.
Posted by Stan Lo on 23 Dec 2025
Redesign our Site Identity
We are excited to announce a comprehensive redesign of our site. The design for this update was created by Taeko Akatsuka.
Posted by Hiroshi SHIBATA on 22 Dec 2025
Ruby 4.0.0 preview3 Released
We are pleased to announce the release of Ruby 4.0.0-preview3. Ruby 4.0 introduces Ruby::Box and “ZJIT”, and adds many improvements.
Posted by naruse on 18 Dec 2025