Posted by usa on 24 Nov 2021
Ruby 2.7.5 has been released.
This release includes security fixes. Please check the topics below for details.
- CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date Parsing Methods
- CVE-2021-41816: Buffer Overrun in CGI.escape_html
- CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
See the commit logs for details.
Download
-
https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.5.tar.bz2
SIZE: 14805180 SHA1: 2a179b601f45172b1cb38e8f157c4e6ce272c22c SHA256: d6b444341a5e06fcd6eaf1feb83a1c0c2da4705dbe4f275ee851761b185f4bd1 SHA512: 0aa2ac44bc22859a39c43d08b7c7f457df05c2dc36b2574fd70ca399143ef1000dc5e496212db9eb055bc4258523d47d26db3c57a1a5a5d63cf1b3de9f81645a -
https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.5.tar.gz
SIZE: 16923709 SHA1: c2d0f6c793f9e673f9fb22276d32f8c395ec5581 SHA256: 2755b900a21235b443bb16dadd9032f784d4a88f143d852bc5d154f22b8781f1 SHA512: 09e029b5cc15b6e4e37bcf15adb28213eaedec3ea22106d63095b37ea6b2a2b68e82e74e6b50746c87dd77e5185795d014e0db118bf0f45ffa0b0a307f5f65da -
https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.5.tar.xz
SIZE: 12072980 SHA1: 1d04fbf24150eaa1297a7ef4c7057ec0a9dca527 SHA256: d216d95190eaacf3bf165303747b02ff13f10b6cfab67a9031b502a49512b516 SHA512: 21c8a713e3ce115fc4c405113ac691ddcefc3419f528b93ca1ac59e7052c1b6e9e241da0e570e291e567f28f3d840824dbcc5967b216cbe7d6ca7a05580fa311 -
https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.5.zip
SIZE: 20702176 SHA1: 541b34fa5e7e55b6269a2bfa67e2a06ad0dcb571 SHA256: 3793d764ec8da68203eba1a7fe338fae9bafa8226cce911c8648c1b7c32ba9c2 SHA512: fe9a706f8139e59a40ab205dc88cdc613c9c69186cb2daeb5adc80bdf45290a523fa7e3fd0866fa12325039ba413ff1e1f4233073d352da08079dc903063b31a
Release Comment
Many committers, developers, and users who provided bug reports helped us make this release. Thanks for their contributions.
The maintenance of Ruby 2.7, including this release, is based on the “Agreement for the Ruby stable version” of the Ruby Association.