Ruby 3.2.8 Released
Ruby 3.2.8 has been released. This release includes CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221 fixes.
Posted by hsbt on 26 Mar 2025
Ruby 3.1.7 Released
Ruby 3.1.7 has been released. This release includes CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221 fixes and update bundled REXML and RSS gems.
Posted by hsbt on 26 Mar 2025
Security advisories: CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221
We published security advisories for CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221. Please read the details below.
Posted by hsbt on 26 Feb 2025
CVE-2025-25186: DoS vulnerability in net-imap
There is a possibility for DoS by in the net-imap gem. This vulnerability has been assigned the CVE identifier CVE-2025-25186. We recommend upgrading the net-imap gem.
Posted by nevans on 10 Feb 2025