Ruby 2.0.0-p0 is released
We are pleased to announce the release of Ruby 2.0.0-p0.
Posted by Yusuke Endoh on 24 Feb 2013
Ruby 1.9.3-p392 is released
Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently.
Posted by usa on 22 Feb 2013
Entity expansion DoS vulnerability in REXML (XML bomb, CVE-2013-1821)
Unrestricted entity expansion can lead to a DoS vulnerability in REXML. This vulnerability has been assigned the CVE identifier CVE-2013-1821. We strongly recommend to upgrade ruby.
Posted by usa on 22 Feb 2013
Denial of Service and Unsafe Object Creation Vulnerability in JSON (CVE-2013-0269)
There is a denial of service and unsafe object creation vulnerability in the json bundled with ruby. This vulnerability has been assigned the CVE identifier CVE-2013-0269. We strongly recommend to upgrade ruby.
Posted by usa on 22 Feb 2013
The Barcelona Ruby Conference Call for Papers is Open
Barcelona Ruby Conference is a conference that takes place in the heart of Catalunya, Spain this September 14-15. Starring world-class speakers as Aaron Patterson (rails and ruby core), David Chelimsky (The RSpec book author, RSpec core member), Charles Nutter (JRuby maintainer), Sandi Metz (Practical Object-Oriented Design in Ruby author) or Yukihiro Matz (the Ruby language creator), among others.
Posted by James Edward Gray II on 16 Feb 2013
The 2013 Ruby Hero Awards
The Ruby Hero Awards are now accepting nominations and we need your help to find people in our community who thanklessly help others and perhaps don’t get the recognition they deserve. This could be someone who contributes to ruby open source software you’ve found useful in the past year, could be an educator, or maybe someone who’s helped organize Ruby events.
Posted by James Edward Gray II on 15 Feb 2013
Ruby 2.0.0-rc2 is released
Ruby 2.0.0-rc2 is released. This will be the last release candidate of Ruby 2.0.0.
Posted by Yusuke Endoh on 8 Feb 2013
XSS exploit of RDoc documentation generated by rdoc (CVE-2013-0256)
RDoc documentation generated by rdoc bundled with ruby are vulnerable to an XSS exploit. All ruby users are recommended to update ruby to newer version which includes security-fixed RDoc. If you are publishing RDoc documentation generated by rdoc, you are recommended to apply a patch for the documentation or re-generate it with security-fixed RDoc.
Posted by usa on 6 Feb 2013