2024 Archives

Ruby 3.4.1 has been released.

We are pleased to announce the release of Ruby 3.4.0. Ruby 3.4 adds it block parameter reference, changes Prism as default parser, adds Happy Eyeballs Version 2 support to socket library, improves YJIT, adds Modular GC, and so on.

We are pleased to announce the release of Ruby 3.4.0-rc1.

Ruby 3.3.6 has been released.

Ruby 3.2.6 has been released.

There is a ReDoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-49761. We strongly recommend upgrading the REXML gem.

We are pleased to announce the release of Ruby 3.4.0-preview2.

Ruby 3.3.5 has been released.

There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-43398. We strongly recommend upgrading the REXML gem.

There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-41946. We strongly recommend upgrading the REXML gem.

There are some DoS vulnerabilities in REXML gem. These vulnerabilities have been assigned the CVE identifier CVE-2024-41123. We strongly recommend upgrading the REXML gem.

Ruby 3.2.5 has been released.

There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-39908. We strongly recommend upgrading the REXML gem.

Ruby 3.3.4 has been released.

Ruby 3.3.3 has been released.

Ruby 3.3.2 has been released.

We are excited to announce that Ruby’s official website, ruby-lang.org, has adopted Datadog for monitoring by Datadog OSS community support.

Ruby 3.1.6 has been released.

There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-35176. We strongly recommend upgrading the REXML gem.

We are pleased to announce the release of Ruby 3.4.0-preview1.

Ruby 3.3.1 has been released.

Ruby 3.2.4 has been released.

Ruby 3.1.5 has been released.

Ruby 3.0.7 has been released.

We have released the Ruby version 3.0.7, 3.1.5, 3.2.4 and 3.3.1 that have a security fix for an arbitrary memory address read vulnerability in Regex search. This vulnerability has been assigned the CVE identifier CVE-2024-27282.

We have released the RDoc gem version 6.3.4.1, 6.4.1.1, 6.5.1.1 and 6.6.3.1 that have a security fix for a RCE vulnerability. This vulnerability has been assigned the CVE identifier CVE-2024-27281.

We have released the StringIO gem version 3.0.1.1 and 3.0.1.2 that have a security fix for a buffer overread vulnerability. This vulnerability has been assigned the CVE identifier CVE-2024-27280.

Ruby 3.2.3 has been released.