Posted by usa on 5 Apr 2021
Ruby 2.6.7 has been released.
This release includes security fixes. Please check the topics below for details.
- CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in WEBrick
- CVE-2021-28965: XML round-trip vulnerability in REXML
See the commit logs for details.
By this release, we end the normal maintenance phase of Ruby 2.6, and Ruby 2.6 enters the security maintenance phase. This means that we will no longer backport any bug fixes to Ruby 2.6 except security fixes. The term of the security maintenance phase is scheduled for a year. Ruby 2.6 reaches EOL and its official support ends by the end of the security maintenance phase. Therefore, we recommend that you start to plan upgrade to Ruby 2.7 or 3.0.
Download
-
https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.7.tar.bz2
SIZE: 14136831 SHA1: 826bcbe83fde9c813a88e5d42155ea8fa6ffb017 SHA256: 775a5d47b73ce3ee5d600f993badd7b640a2caca138573326db6632858517710 SHA512: 311ec56d23d0de7a163f66c1ef4e5369b822f8409f8e1f3a25785c803f01c68dd13aa8ddcfb3a0fe6a97bf321950f8d6cd75b2babcb04158e791601914666f7a
-
https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.7.tar.gz
SIZE: 16198982 SHA1: c37ba0b0699540bbd46116c2f7440c9e7cd16553 SHA256: e4227e8b7f65485ecb73397a83e0d09dcd39f25efd411c782b69424e55c7a99e SHA512: 11689cb9a48d9a588c5526dc2581f11bcf56496ecf96a93d4bddc3e92327be29a9e7806fe19c1a774d5b9d681010936577738aae872d08950d472d04fa6c4dfa
-
https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.7.tar.xz
SIZE: 11591404 SHA1: 1fd1448125a00cd7b9994637b5e561506de6a6d3 SHA256: f43ead5626202d5432d2050eeab606e547f0554299cc1e5cf573d45670e59611 SHA512: ba6fc0a36af2a08cf1b008851e805f59ea1047724fc7b61d4bc674533b8f123cb12fa0969e9a3f57290477c0d75f974ca7e304836e4905bd96a737211df9bd21
-
https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.7.zip
SIZE: 19866856 SHA1: 762f76f2d09339862f0de18a6603cf7cbe804ec8 SHA256: 3facc52602ff1f1958b9e82a0c1837ce8b3f39c665d7ff01b9bc62f9b7a9d852 SHA512: 9c3a098a7a6133e46dbfa0208461b31a5e4eaa4a9cc3d3eed28e4d29bd2ca97bc1a90e3e433a3832e8bbd4a5bac03d0494a15e1b20237536bde2861d5e1e1cd1
Release Comment
Many committers, developers, and users who provided bug reports helped us make this release. Thanks for their contributions.
The maintenance of Ruby 2.6, including this release, is based on the “Agreement for the Ruby stable version” of the Ruby Association.