Ruby 3.4.1 Released
Ruby 3.4.1 has been released.
Posted by naruse on 25 Dec 2024
Ruby 3.4.0 Released
We are pleased to announce the release of Ruby 3.4.0. Ruby 3.4 adds it block parameter reference,
change Prism as default parser, adds Happy Eyeballs Version 2 support to socket library, improves YJIT,
adds Modular GC, and so on.
Posted by naruse on 25 Dec 2024
Ruby 3.4.0 rc1 Released
We are pleased to announce the release of Ruby 3.4.0-rc1.
Posted by naruse on 12 Dec 2024
CVE-2024-49761: ReDoS vulnerability in REXML
There is a ReDoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-49761. We strongly recommend upgrading the REXML gem.
Posted by kou on 28 Oct 2024
Ruby 3.4.0 preview2 Released
We are pleased to announce the release of Ruby 3.4.0-preview2.
Posted by naruse on 7 Oct 2024
CVE-2024-43398: DoS vulnerability in REXML
There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-43398. We strongly recommend upgrading the REXML gem.
Posted by kou on 22 Aug 2024
CVE-2024-41946: DoS vulnerability in REXML
There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-41946. We strongly recommend upgrading the REXML gem.
Posted by kou on 1 Aug 2024
CVE-2024-41123: DoS vulnerabilities in REXML
There are some DoS vulnerabilities in REXML gem. These vulnerabilities have been assigned the CVE identifier CVE-2024-41123. We strongly recommend upgrading the REXML gem.
Posted by kou on 1 Aug 2024
CVE-2024-39908: DoS vulnerability in REXML
There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-39908. We strongly recommend upgrading the REXML gem.
Posted by watson1978 on 16 Jul 2024
Datadog provides OSS community support for ruby-lang.org
We are excited to announce that Ruby’s official website, ruby-lang.org, has adopted Datadog for monitoring by Datadog OSS community support.
Posted by hsbt on 30 May 2024
CVE-2024-35176: DoS vulnerability in REXML
There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2024-35176. We strongly recommend upgrading the REXML gem.
Posted by kou on 16 May 2024
Ruby 3.4.0 preview1 Released
We are pleased to announce the release of Ruby 3.4.0-preview1.
Posted by naruse on 16 May 2024
CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
We have released the Ruby version 3.0.7, 3.1.5, 3.2.4 and 3.3.1 that have a security fix for an arbitrary memory address read vulnerability in Regex search. This vulnerability has been assigned the CVE identifier CVE-2024-27282.
Posted by hsbt on 23 Apr 2024
CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
We have released the RDoc gem version 6.3.4.1, 6.4.1.1, 6.5.1.1 and 6.6.3.1 that have a security fix for a RCE vulnerability. This vulnerability has been assigned the CVE identifier CVE-2024-27281.
Posted by hsbt on 21 Mar 2024
CVE-2024-27280: Buffer overread vulnerability in StringIO
We have released the StringIO gem version 3.0.1.1 and 3.0.1.2 that have a security fix for a buffer overread vulnerability. This vulnerability has been assigned the CVE identifier CVE-2024-27280.
Posted by hsbt on 21 Mar 2024