U.NAKAMURA
2018-10-17 18:21:24 UTC
Hi, all
We've just released Ruby 2.5.2, 2.4.5 and 2.3.8.
How to download and details:
* [Ruby 2.5.2 Released](https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-5-2-released/)
* [Ruby 2.4.5 Released](https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-released/)
* [Ruby 2.3.8 Released](https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-3-8-released/)
These releases include several security fixes.
You can check details:
* [CVE-2018-16396: Tainted flags are not propagated in Array#pack and String#unpack with some directives](/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/)
* [CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly](/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/)
We strongly recommend to upgrade your ruby installations as soon as
possible.
Regards,
We've just released Ruby 2.5.2, 2.4.5 and 2.3.8.
How to download and details:
* [Ruby 2.5.2 Released](https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-5-2-released/)
* [Ruby 2.4.5 Released](https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-released/)
* [Ruby 2.3.8 Released](https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-3-8-released/)
These releases include several security fixes.
You can check details:
* [CVE-2018-16396: Tainted flags are not propagated in Array#pack and String#unpack with some directives](/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/)
* [CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly](/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/)
We strongly recommend to upgrade your ruby installations as soon as
possible.
Regards,
--
U.Nakamaura <***@garbagecollect.jp>
Unsubscribe: <mailto:ruby-talk-***@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>
U.Nakamaura <***@garbagecollect.jp>
Unsubscribe: <mailto:ruby-talk-***@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>