Ruby 1.9.3-p392 is released (includes two security fixes)

U.Nakamura February 22, 2013, 2:20pm 1

Hi, ruby users,

Now Ruby 1.9.3-p392 is released.
I apologize for updating too frequently.

This release includes security fixes about bundled JSON and REXML.

Denial of Service and Unsafe Object Creation Vulnerability in JSON
(CVE-2013-0269)
Denial of Service and Unsafe Object Creation Vulnerability in JSON (CVE-2013-0269)
Entity expansion DoS vulnerability in REXML (XML bomb)
Entity expansion DoS vulnerability in REXML (XML bomb, CVE-2013-1821)

And some small bugfixes are also included.

See tickets
Issues - Backport193 - Ruby Issue Tracking System
and ChangeLog
http://svn.ruby-lang.org/repos/ruby/tags/v1_9_3_392/ChangeLog
for details.

== Download

You can download this release from:

ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p392.tar.bz2

SIZE: 10024221 bytes
MD5: a810d64e2255179d2f334eb61fb8519c
SHA256:
5a7334dfdf62966879bf539b8a9f0b889df6f3b3824fb52a9303c3c3d3a58391
ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p392.tar.gz

SIZE: 12557294 bytes
MD5: f689a7b61379f83cbbed3c7077d83859
SHA256:
8861ddadb2cd30fb30e42122741130d12f6543c3d62d05906cd41076db70975f
ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p392.zip

SIZE: 13863402 bytes
MD5: 212fb3bc41257b41d1f8bfe0725916b7
SHA256:
f200ce4a63ce57bea64028a507350717c2a16bdbba6d9538bc69e9e7c2177c8b

== Release Comment

Many committers, testers and users who gave bug reports helped me to
make this release.
Thanks for their contributions.

Regards,

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs