[ANN] Ruby 1.9.3 patchlevel 286

U.NAKAMURA · 12 October 2012 11:43

Hi, all

Ruby 1.9.3-p286 is released.

This release includes some security fixes, and other many bug fixes.

* $SAFE escaping vulnerability about Exception#to_s / NameError#to_s
  (CVE-2012-4464, CVE-2012-4466)
  You can see the detail via:
    http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/

* Unintentional file creation caused by inserting a illegal NUL character
You can see the detail via:
http://preview.ruby-lang.org/en/news/2012/10/12/poisoned-NUL-byte-vulnerability

* other many bug fixes.

You can download this release from:

* ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p286.tar.bz2
  SIZE: 9961862 bytes
  MD5: e76848a86606a4fd5dcf14fc4b4e755e
  SHA256: 5281656c7a0ae48b64f28d845a96b4dfa16ba1357a911265752787585fb5ea64

* ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p286.tar.gz
  SIZE: 12459652 bytes
  MD5: e2469b55c2a3d0d643097d47fe4984bb
  SHA256: e94367108751fd6bce79401d947baa66096c757fd3a0856350a2abd05d26d89d

* ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p286.zip
  SIZE: 13906047 bytes
  MD5: 8b3c2d6bd306804ed198260e4f5b6418
  SHA256: 9d59c5885e66e6fbfbc49a2b6b80429141f8bdd2827747ec9a4eee7c2252b522

Regards,

···

Topic		Replies	Views
[ANN] Ruby 1.9.3 patchlevel 327 ruby-talk	0	145	9 November 2012
[ANN] Ruby 1.9.3-p448 is released (includes a security fix) ruby-talk	0	146	27 June 2013
[ruby-list:48981] Ruby 1.8.7 patchlevel 371 (CVE-2012-4466) ruby-talk	0	155	12 October 2012
[ANN] Ruby 1.9.3-p426 is released (includes a security fix) ruby-talk	3	147	17 May 2013
[ruby-list:47905] [ANN][Security] Ruby 1.9.2-p180 is released ruby-talk	0	123	18 February 2011