Recent News

2022 Fukuoka Ruby Award Competition - Entries to be judged by Matz

Dear Ruby Enthusiasts,

Continue Reading...

CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP

A trusting FTP PASV responses vulnerability was discovered in Net::FTP. This vulnerability has been assigned the CVE identifier CVE-2021-31810. We strongly recommend upgrading Ruby.

Continue Reading...

CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP

A StartTLS stripping vulnerability was discovered in Net::IMAP. This vulnerability has been assigned the CVE identifier CVE-2021-32066. We strongly recommend upgrading Ruby.

Continue Reading...

Ruby 3.0.2 Released

Ruby 3.0.2 has been released.

Continue Reading...

Ruby 2.7.4 Released

Ruby 2.7.4 has been released.

Continue Reading...

Ruby 2.6.8 Released

Ruby 2.6.8 has been released.

Continue Reading...

CVE-2021-31799: A command injection vulnerability in RDoc

There is a vulnerability about Command Injection in RDoc which is bundled in Ruby. It is recommended that all Ruby users update RDoc to the latest version that fixes this issue.

Continue Reading...

CVE-2021-28965: XML round-trip vulnerability in REXML

There is an XML round-trip vulnerability in REXML gem bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2021-28965. We strongly recommend upgrading the REXML gem.

Continue Reading...

CVE-2021-28966: Path traversal in Tempfile on Windows

There is an unintentional directory creation vulnerability in tmpdir library bundled with Ruby on Windows. And there is also an unintentional file creation vulnerability in tempfile library bundled with Ruby on Windows, because it uses tmpdir internally. This vulnerability has been assigned the CVE identifier CVE-2021-28966.

Continue Reading...

Ruby 3.0.1 Released

Ruby 3.0.1 has been released.

Continue Reading...