---
layout: page
title: 2009 Archives
---
We now have a series of patches to fix various bugs against 1.8.7 so I (Urabe Shyouhei) decided to release them. Here they are.
And excuse me for absence of a detailed release note… Please read the ChangeLog instead.
Continue Reading…
Posted by Urabe Shyouhei on 25 Dec 2009
Ruby 1.9.1-p376 just has been released. This is a patch level release of Ruby 1.9.1 and includes the fix of CVE-2009-4124.
<!
- RDLabel: “CVE-2009-4124” ->
The previous release, Ruby 1.9.1-p243 has a security vulnerability that allows heap overflow. This vulnerability was found by Emmanouel Kellinis, KPMG London.
I recommend all Ruby 1.9.1 users to upgrade to p376. But the vulnerability does not affect Ruby 1.8 series.
Continue Reading…
Posted by Yugui on 07 Dec 2009
There is a heap overflow vulnerability in String#ljust
, String#center
and String#rjust
. This has allowed an attacker to run arbitrary code in some rare cases.
<!
- RDLabel: “Vulnerable versions” ->
- All releases of Ruby 1.9.1.
This vulnerability does not affect Ruby 1.8 series.
Continue Reading…
Posted by Yugui on 07 Dec 2009
MountainWest RubyConf 2010 will be held March 11 and 12, 2010, in Salt Lake City, UT, USA.
http://mtnwestrubyconf.org
Talk proposals are being accepted right this very minute!
Submit yours here.
But don’t delay! The submission deadline is midnight (MST) on December 31st, 2009.
Continue Reading…
Posted by james on 03 Dec 2009
The RubyWorld Conference will be held at the Shimane Prefectural Convention Center “Kunibiki Messe”, Shimane Prefecture, during September 7th – 8th , 2009.
The talks at the International Conference Hall will be live broadcasted at the official web site.
Stay tuned!
Posted by Shugo Maeda on 04 Sep 2009
The Call for Proposals for presenting at RubyConf 2009 is now open.
The deadline for proposals is August 21, 2009.
You need to sign up for an account at rubyconf.org, and then you can submit your
proposal.
RubyConf 2009 will take place November 19-21 2009, at the Embassy
Suites Hotel at the San Francisco Airport, California, USA.
Posted by james on 03 Aug 2009
Ruby 1.9.2 preview 1 has been released.
This is a preview for the 1.9.2 series. It is just a snapshot. It still
have some known bugs, is sometimes unstable.
Let us know your view on it.
- Socket API was more objectified.
- Time was reimplemented and enhanced. Now Time has no max/min value, no year 2038 problem.
- New Random class for random number sequence.
- Good news for merb users: Method#parameters
see the <a href=”http://svn.ruby-lang.org/repos/ruby/trunk/NEWS
”>NEWS and the <a href=”http://svn.ruby-lang.org/repos/ruby/trunk/ChangeLog
”>ChangeLog for more detail.
<!
- RDLabel: “Location” ->
Posted by Yugui on 20 Jul 2009
Ruby 1.9.1-p243 has been released.
This is a patch level release in the 1.9.1 series.
It includes bug fixes.
see the ChangeLog for more details.
<!
- RDLabel: “Location” ->
Posted by Yugui on 20 Jul 2009
A denial of service (DoS) vulnerability was found on the BigDecimal
standard library of Ruby. Conversion from BigDecimal objects into
Float numbers had a problem which enables attackers to effectively
cause segmentation faults.
ActiveRecord relies on this method, so most Rails applications are
affected by this. Though this is not a Rails-specific issue.
Continue Reading…
Posted by Urabe Shyouhei on 09 Jun 2009
Recently we have a welcome, historic development that the Ruby
1.8.6’s maintenance stewardship moved from me (Urabe Shyouhei) to
Kirk Haines of Engine Yard.
Continue Reading…
Posted by Urabe Shyouhei on 23 May 2009
Ruby 1.9.1-p129 has been released.
This is a patch level release for Ruby 1.9.1. This fixes many bugs and
two security vulnerabilities. This release contains security fix so we
recommend all 1.9.1 users to upgrade your ruby.
Posted by Administrator on 12 May 2009
Updates to already-released Ruby 1.8.7 and 1.8.6 have been released.
This time we have fixed dozens of bugs, including workarounds for CVE-2007-1558. Many segfaults are also fixed. For a complete list of what has been fixed, please read the ChangeLogs.
The released tarballs are available at:
Continue Reading…
Posted by Urabe Shyouhei on 18 Apr 2009
The schedule for the upcoming MountainWest RubyConf is available.
You can also keep track of the conference via twitter. Just follow @mwrc
MountainWest RubyConf is being held in Salt Lake City, UT, USA, March 13 and 14 2009.
Continue Reading…
Posted by james on 25 Feb 2009
Ruby 1.9.1 is released. This is the first stable release of the Ruby 1.9 series.
Ruby 1.9 is a new series of Ruby. It is modern, faster, with clearer syntax, multilingualized, a much improved version of Ruby.
Ruby 1.8 series has been used since 2003 and many great products were born on it.
Today, the Ruby 1.9 series starts its history as the 1.8 series did.
Please note that Ruby 1.8 still remains. 1.8.8 will be released this year.
You can read about major changes since 1.8.7 here
7 bugs have been fixed since 1.9.1 RC2.
If you encounter any bugs or any problems, please report them using the official issue tracking system.
Download from
Posted by james on 30 Jan 2009
Services of ruby-lang.org will be unavailable for the server maintenance between 01:00-06:00 on 31 January 2009 (UTC).
Sorry for any inconvenience.
Posted by Shugo Maeda on 28 Jan 2009