Posted by usa on 22 Feb 2013

Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently.

This release includes security fixes about bundled JSON and REXML.

• Denial of Service and Unsafe Object Creation Vulnerability in JSON (CVE-2013-0269)
• Entity expansion DoS vulnerability in REXML (XML bomb, CVE-2013-1821)

And some small bugfixes are also included.

See tickets and ChangeLog for details.

Download

You can download this release from:

• <URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p392.tar.bz2>

  SIZE:   10024221 bytes
  MD5:    a810d64e2255179d2f334eb61fb8519c
  SHA256: 5a7334dfdf62966879bf539b8a9f0b889df6f3b3824fb52a9303c3c3d3a58391
  

• <URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p392.tar.gz>

  SIZE:   12557294 bytes
  MD5:    f689a7b61379f83cbbed3c7077d83859
  SHA256: 8861ddadb2cd30fb30e42122741130d12f6543c3d62d05906cd41076db70975f
  

• <URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p392.zip>

  SIZE:   13863402 bytes
  MD5:    212fb3bc41257b41d1f8bfe0725916b7
  SHA256: f200ce4a63ce57bea64028a507350717c2a16bdbba6d9538bc69e9e7c2177c8b
  

Release Comment

Many committers, testers and users who gave bug reports helped me to make this release. Thanks for their contributions.

Syndicate

Recent News (RSS)