--- layout: page title: 2009 Archives ---

Ruby 1.8.7-p248 released

We now have a series of patches to fix various bugs against 1.8.7 so I (Urabe Shyouhei) decided to release them. Here they are.

And excuse me for absence of a detailed release note… Please read the ChangeLog instead.

Continue Reading…

Posted by Urabe Shyouhei on 25 Dec 2009

Ruby 1.9.1-p376 is released

Ruby 1.9.1-p376 just has been released. This is a patch level release of Ruby 1.9.1 and includes the fix of CVE-2009-4124.

CVE-2009-4124

<!- RDLabel: “CVE-2009-4124” ->

The previous release, Ruby 1.9.1-p243 has a security vulnerability that allows heap overflow. This vulnerability was found by Emmanouel Kellinis, KPMG London.

I recommend all Ruby 1.9.1 users to upgrade to p376. But the vulnerability does not affect Ruby 1.8 series.

Continue Reading…

Posted by Yugui on 07 Dec 2009

Heap overflow in String

There is a heap overflow vulnerability in String#ljust, String#center and String#rjust. This has allowed an attacker to run arbitrary code in some rare cases.

Vulnerable versions

<!- RDLabel: “Vulnerable versions” ->

This vulnerability does not affect Ruby 1.8 series.

Continue Reading…

Posted by Yugui on 07 Dec 2009

MountainWest RubyConf 2010

MountainWest RubyConf 2010 will be held March 11 and 12, 2010, in Salt Lake City, UT, USA.

http://mtnwestrubyconf.org

Talk proposals are being accepted right this very minute!

Submit yours here.

But don’t delay! The submission deadline is midnight (MST) on December 31st, 2009.

Continue Reading…

Posted by james on 03 Dec 2009

RubyWorld Conference

The RubyWorld Conference will be held at the Shimane Prefectural Convention Center “Kunibiki Messe”, Shimane Prefecture, during September 7th – 8th , 2009.

The talks at the International Conference Hall will be live broadcasted at the official web site.

Stay tuned!

Posted by Shugo Maeda on 04 Sep 2009

Call for Proposals for RubyConf 2009

The Call for Proposals for presenting at RubyConf 2009 is now open.

The deadline for proposals is August 21, 2009.

You need to sign up for an account at rubyconf.org, and then you can submit your proposal.

RubyConf 2009 will take place November 19-21 2009, at the Embassy Suites Hotel at the San Francisco Airport, California, USA.

Posted by james on 03 Aug 2009

Ruby 1.9.2 preview 1 released

Ruby 1.9.2 preview 1 has been released.

This is a preview for the 1.9.2 series. It is just a snapshot. It still have some known bugs, is sometimes unstable. Let us know your view on it.

see the <a href=”http://svn.ruby-lang.org/repos/ruby/trunk/NEWS ”>NEWS and the <a href=”http://svn.ruby-lang.org/repos/ruby/trunk/ChangeLog ”>ChangeLog for more detail.

Location

<!- RDLabel: “Location” ->

Posted by Yugui on 20 Jul 2009

Ruby 1.9.1-p243 released

Ruby 1.9.1-p243 has been released.

This is a patch level release in the 1.9.1 series. It includes bug fixes.

see the ChangeLog for more details.

Location

<!- RDLabel: “Location” ->

Posted by Yugui on 20 Jul 2009

DoS vulnerability in BigDecimal

A denial of service (DoS) vulnerability was found on the BigDecimal standard library of Ruby. Conversion from BigDecimal objects into Float numbers had a problem which enables attackers to effectively cause segmentation faults.

ActiveRecord relies on this method, so most Rails applications are affected by this. Though this is not a Rails-specific issue.

Continue Reading…

Posted by Urabe Shyouhei on 09 Jun 2009

Ruby 1.8.6 maintenance moved to Engine Yard

Recently we have a welcome, historic development that the Ruby 1.8.6’s maintenance stewardship moved from me (Urabe Shyouhei) to Kirk Haines of Engine Yard.

Continue Reading…

Posted by Urabe Shyouhei on 23 May 2009

Ruby 1.9.1-p129 released

Ruby 1.9.1-p129 has been released.

This is a patch level release for Ruby 1.9.1. This fixes many bugs and two security vulnerabilities. This release contains security fix so we recommend all 1.9.1 users to upgrade your ruby.

Posted by Administrator on 12 May 2009

Ruby 1.8.7-p160 and 1.8.6-p368 released

Updates to already-released Ruby 1.8.7 and 1.8.6 have been released.

This time we have fixed dozens of bugs, including workarounds for CVE-2007-1558. Many segfaults are also fixed. For a complete list of what has been fixed, please read the ChangeLogs.

The released tarballs are available at:

Continue Reading…

Posted by Urabe Shyouhei on 18 Apr 2009

MountainWest RubyConf Schedule

The schedule for the upcoming MountainWest RubyConf is available.

You can also keep track of the conference via twitter. Just follow @mwrc

MountainWest RubyConf is being held in Salt Lake City, UT, USA, March 13 and 14 2009.

Continue Reading…

Posted by james on 25 Feb 2009

Ruby 1.9.1 released

Ruby 1.9.1 is released. This is the first stable release of the Ruby 1.9 series.

Ruby 1.9 is a new series of Ruby. It is modern, faster, with clearer syntax, multilingualized, a much improved version of Ruby.

Ruby 1.8 series has been used since 2003 and many great products were born on it.

Today, the Ruby 1.9 series starts its history as the 1.8 series did.

Please note that Ruby 1.8 still remains. 1.8.8 will be released this year.

You can read about major changes since 1.8.7 here

7 bugs have been fixed since 1.9.1 RC2.

If you encounter any bugs or any problems, please report them using the official issue tracking system.

Download from

Posted by james on 30 Jan 2009

Server maintenance

Services of ruby-lang.org will be unavailable for the server maintenance between 01:00-06:00 on 31 January 2009 (UTC). Sorry for any inconvenience.

Posted by Shugo Maeda on 28 Jan 2009