8ec69e9d5d
Ruby 2.2.10 Released Posted by usa on 28 Mar 2018 Ruby 2.2.10 has been released. This release includes several security fixes. Please check the topics below for details. * CVE-2017-17742: HTTP response splitting in WEBrick * CVE-2018-8777: DoS by large request in WEBrick * CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir * CVE-2018-8778: Buffer under-read in String#unpack * CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket * CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir * Multiple vulnerabilities in RubyGems Ruby 2.2 is under the state of the security maintenance phase, until the end of the March of 2018. After the date, maintenance of Ruby 2.2 will be ended. So, this release is expected to be the last release of Ruby 2.2. We will never make a new release of Ruby 2.2 unless Ruby 2.2.10 has a serious regression bug. We recommend you migrating to newer versions of Ruby, such as 2.5. |
||
|---|---|---|
| .. | ||
| files | ||
| buildlink3.mk | ||
| DESCR | ||
| gem-extract.mk | ||
| gem-vars.mk | ||
| gem.mk | ||
| Makefile | ||
| Makefile.common | ||
| modules.mk | ||
| platform.mk | ||
| rails.mk | ||
| replace.mk | ||
| rubyversion.mk | ||