Recent News

CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc

We have released the RDoc gem version 6.3.4.1, 6.4.1.1, 6.5.1.1 and 6.6.3.1 that have a security fix for a RCE vulnerability. This vulnerability has been assigned the CVE identifier CVE-2024-27281.

Continue Reading...

CVE-2024-27280: Buffer overread vulnerability in StringIO

We have released the StringIO gem version 3.0.1.1 and 3.0.1.2 that have a security fix for a buffer overread vulnerability. This vulnerability has been assigned the CVE identifier CVE-2024-27280.

Continue Reading...

Ruby 3.2.3 Released

Ruby 3.2.3 has been released.

Continue Reading...

Ruby 3.3.0 Released

We are pleased to announce the release of Ruby 3.3.0. Ruby 3.3 adds a new parser named Prism, uses Lrama as a parser generator, adds a new pure-Ruby JIT compiler named RJIT, and many performance improvements especially YJIT.

Continue Reading...

Ruby 3.3.0-rc1 Released

We are pleased to announce the release of Ruby 3.3.0-rc1. Ruby 3.3 adds a new parser named Prism, uses Lrama as a parser generator, adds a new pure-Ruby JIT compiler named RJIT, and many performance improvements especially YJIT.

Continue Reading...

Ruby 3.3.0-preview3 Released

We are pleased to announce the release of Ruby 3.3.0-preview3. Ruby 3.3 adds a new parser named Prism, uses Lrama as a parser generator, adds a new pure-Ruby JIT compiler named RJIT, and many performance improvements especially YJIT.

Continue Reading...

Ruby 3.3.0-preview2 Released

Continue Reading...

CVE-2023-36617: ReDoS vulnerability in URI

We have released the uri gem version 0.12.2, 0.10.3 that has a security fix for a ReDoS vulnerability. This vulnerability has been assigned the CVE identifier CVE-2023-36617.

Continue Reading...

Ruby 3.3.0-preview1 Released

Continue Reading...

Ruby 3.2.2 Released

Ruby 3.2.2 has been released.

Continue Reading...