Updated: 2024-04-23 10:00:00
Ruby A Programmer's Best Friend Home Downloads Documentation Libraries Community News Security About Ruby Menu Ruby 3.3.1 Released Posted by naruse on 23 Apr 2024 Ruby 3.3.1 has been . released This release includes security fixes . Please check the topics below for . details CVE-2024-27282 : Arbitrary memory address read vulnerability with Regex search CVE-2024-27281 : RCE vulnerability with rdoc_options in RDoc CVE-2024-27280 : Buffer overread vulnerability in StringIO See the GitHub releases for further . details Download https : cache.ruby-lang.org pub ruby 3.3 ruby-3.3.1.tar.gz SIZE : 22074535 SHA1 : affd82947d7cd84bd586f7f487a1da0c0bd8b1fd SHA256 : 8dc2af2802cc700cd182d5430726388ccf885b3f0a14fcd6a0f21ff249c9aa99 SHA512 :
Updated: 2024-04-23 10:00:00
Ruby A Programmer's Best Friend Home Downloads Documentation Libraries Community News Security About Ruby Menu Ruby 3.2.4 Released Posted by nagachika on 23 Apr 2024 Ruby 3.2.4 has been . released This release includes security fixes . Please check the topics below for . details CVE-2024-27282 : Arbitrary memory address read vulnerability with Regex search CVE-2024-27281 : RCE vulnerability with rdoc_options in RDoc CVE-2024-27280 : Buffer overread vulnerability in StringIO See the GitHub releases for further . details Download https : cache.ruby-lang.org pub ruby 3.2 ruby-3.2.4.tar.gz SIZE : 20581711 SHA1 : a177e809102270f1cd77bf23c6df30c50ee7c107 SHA256 : c72b3c5c30482dca18b0f868c9075f3f47d8168eaf626d4e682ce5b59c858692 SHA512 :
Updated: 2024-04-23 10:00:00
Ruby A Programmer's Best Friend Home Downloads Documentation Libraries Community News Security About Ruby Menu Ruby 3.1.5 Released Posted by hsbt on 23 Apr 2024 Ruby 3.1.5 has been . released This release includes security fixes . Please check the topics below for . details CVE-2024-27282 : Arbitrary memory address read vulnerability with Regex search CVE-2024-27281 : RCE vulnerability with rdoc_options in RDoc CVE-2024-27280 : Buffer overread vulnerability in StringIO See the GitHub releases for further . details Download https : cache.ruby-lang.org pub ruby 3.1 ruby-3.1.5.tar.gz SIZE : 20884264 SHA1 : e3387c8fa2b6faf20beade2239ebdfc701ee6268 SHA256 : 3685c51eeee1352c31ea039706d71976f53d00ab6d77312de6aa1abaf5cda2c5 SHA512 :
Updated: 2024-04-23 10:00:00
Ruby A Programmer's Best Friend Home Downloads Documentation Libraries Community News Security About Ruby Menu Ruby 3.0.7 Released Posted by hsbt on 23 Apr 2024 Ruby 3.0.7 has been . released This release includes security fixes . Please check the topics below for . details CVE-2024-27282 : Arbitrary memory address read vulnerability with Regex search CVE-2024-27281 : RCE vulnerability with rdoc_options in RDoc CVE-2024-27280 : Buffer overread vulnerability in StringIO See the GitHub releases for further . details After this release , Ruby 3.0 reaches EOL . In other words , this is expected to be the last release of Ruby 3.0 series . We will not release Ruby 3.0.8 even if a security vulnerability is found but could release if a severe regression is found We recommend all Ruby 3.0 users to
Updated: 2024-04-23 10:00:00
: Ruby A Programmer's Best Friend Home Downloads Documentation Libraries Community News Security About Ruby Menu CVE-2024-27282 : Arbitrary memory address read vulnerability with Regex search Posted by hsbt on 23 Apr 2024 We have released the Ruby version 3.0.7, 3.1.5, 3.2.4 and 3.3.1 that have a security fix for an arbitrary memory address read vulnerability in Regex search . This vulnerability has been assigned the CVE identifier CVE-2024-27282 Details An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler , it is possible to extract arbitrary heap data relative to the start of the text , including pointers and sensitive . strings Recommended action We recommend to update the Ruby to version 3.3.1 or later . In order to ensure
