Ruby 2.7.1 Released
Ruby 2.7.1 has been released.
Posted by naruse on 31 Mar 2020
CVE-2020-10933: Heap exposure vulnerability in the socket library
A heap exposure vulnerability was discovered in the socket library. This vulnerability has been assigned the CVE identifier CVE-2020-10933. We strongly recommend upgrading Ruby.
Posted by mame on 31 Mar 2020
CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional fix)
There is an unsafe object creation vulnerability in the json gem bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2020-10663. We strongly recommend upgrading the json gem.
Posted by mame on 19 Mar 2020