Posted by usa on 14 Dec 2017
Ruby 2.2.9 has been released. This release includes several security fixes. Please check the topics below for details.
- CVE-2017-17405: Command injection vulnerability in Net::FTP
- Unsafe Object Deserialization Vulnerability in RubyGems
Ruby 2.2 is now under the state of the security maintenance phase, until the end of the March of 2018. After the date, maintenance of Ruby 2.2 will be ended. We recommend you start planning migration to newer versions of Ruby, such as 2.4 or 2.3.
Download
-
https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.9.tar.bz2
SIZE: 13371232 bytes SHA1: 773ba9b51bde612866f656c4531f59660e2b0087 SHA256: 5e3cfcc3b69638e165f72f67b1321fa05aff62b0f9e9b32042a5a79614e7c70a SHA512: 2a8c8770fda20a22b79c9115b6f468f8e7ea1092c84a5089af7a3122163e5ad298b493e6637e4d93ba02d899d8a619c94064dda8ac98cf3b93f64f45d5401085
-
https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.9.tar.gz
SIZE: 16681209 bytes SHA1: cbeb1b892ffcaca8728c1cb8d513e1b485bc5eba SHA256: 2f47c77054fc40ccfde22501425256d32c4fa0ccaf9554f0d699ed436beca1a6 SHA512: 34e440d529b3bb6b2a7c0e68e64c66c903b96b736ca527398d4493e7451353c08f7cc68b83c55011b53d76411c118fcb3c9e70c1a08439a591eeee98c430c297
-
https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.9.tar.xz
SIZE: 10511456 bytes SHA1: 1144e19b4cdc77ee036847d261013c88fc59b5f8 SHA256: 313b44b1105589d00bb30b9cccf7da44d263fe20a2d8d269ada536d4a7ef285c SHA512: c4ef84cd00f72f60d6c168f0726d9d7e9573549c2bbae83893e1a9d5e64fc7938f4c9d50a47147b28b37cbf36263f95e10a810c0797bad941775a48d75a8c933
-
https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.9.zip
SIZE: 18523114 bytes SHA1: ebc8ba0ae1178bf4a84b38dd0fdd97de82406cf4 SHA256: c3055ef4f985079d392dddebb1eab1e91851bfc19c0e8a11779872647d89b3b1 SHA512: 41de195641bc8cca43a726c1d707720dc9d3b8a853002548a31d171508b78dc353328c9a526dfbbc76493307c0e9e5fce669cc9fc3efc9626f84f2af5aca1a55
Release Comment
Thanks to everyone who helped with this release.