Ruby 3.3.1 Released
Ruby 3.3.1 has been released.
Posted by naruse on 23 Apr 2024
CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
We have released the Ruby version 3.0.7, 3.1.5, 3.2.4 and 3.3.1 that have a security fix for an arbitrary memory address read vulnerability in Regex search. This vulnerability has been assigned the CVE identifier CVE-2024-27282.
Posted by hsbt on 23 Apr 2024
CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
We have released the RDoc gem version 6.3.4.1, 6.4.1.1, 6.5.1.1 and 6.6.3.1 that have a security fix for a RCE vulnerability. This vulnerability has been assigned the CVE identifier CVE-2024-27281.
Posted by hsbt on 21 Mar 2024
CVE-2024-27280: Buffer overread vulnerability in StringIO
We have released the StringIO gem version 3.0.1.1 and 3.0.1.2 that have a security fix for a buffer overread vulnerability. This vulnerability has been assigned the CVE identifier CVE-2024-27280.
Posted by hsbt on 21 Mar 2024
Ruby 3.3.0 Released
We are pleased to announce the release of Ruby 3.3.0. Ruby 3.3 adds a new parser named Prism, uses Lrama as a parser generator, adds a new pure-Ruby JIT compiler named RJIT, and many performance improvements especially YJIT.
Posted by naruse on 25 Dec 2023
Ruby 3.3.0-rc1 Released
We are pleased to announce the release of Ruby 3.3.0-rc1. Ruby 3.3 adds a new parser named Prism, uses Lrama as a parser generator, adds a new pure-Ruby JIT compiler named RJIT, and many performance improvements especially YJIT.
Posted by naruse on 11 Dec 2023