Impact
This is something related to computational complexity. A specially
crafted series of strings whose hash values intentionally collide with
each other was found. With such sequences an attacker can issue a
denial of service attack by, for instance, giving them as POST
parameters of HTTP requests for your Rails application.
Posted by Urabe Shyouhei on 28 Dec 2011
Ruby 1.9.3 p0 is released. This is the latest stable version of the 1.9 series.
See ChangeLogs and NEWS for the descriptions.
Posted by Shota Fukumori on 31 Oct 2011
Dear Ruby Enthusiasts:
The Government of Fukuoka, Japan together with “Matz” Matsumoto would
like to invite you to enter the following Ruby competitions. If you
have developed an interesting Ruby program, please be encouraged to
apply.
- Silicon Valley Competition (November 3, 2011 in Silicon Valley),
Entry Deadline: October 17, 2011
Selected finalists will present their Ruby programs in front of Matz
on November 3, 2011 in Silicon Valley (exact location to be announced
later). Matz, together with a panel of judges, will select the winner.
The winner will be invited to Fukuoka, Japan for an award ceremony to
be held in March 2012 (hotel and airfare paid). If you enter the
Silicon Valley competition, you will also be automatically entered in
the Fukuoka competition described below.
- Fukuoka Competition – Grand Prize – 1 Million Yen! (March 2012 in
Fukuoka, Japan), Entry Deadline: November 15, 2011
You can enter the Fukuoka competition exclusively, or enter the above
Silicon Valley Competition and be automatically entered in the Fukuoka
Competition. Matz and a group of panelists will select the winners of
the Fukuoka Competition. The grand prize winner will be invited to
attend the award ceremony in Fukuoka, Japan in March 2012 (hotel and
airfare paid). The grand prize for the Fukuoka Competition is 1
million yen (approximately $13,000!). Past grand prize winners include
Rhomobile (USA) and APEC Climate Center (Korea).
Programs entered in these competitions do not have to be written
entirely in Ruby but should take advantage of the unique
characteristics of Ruby. Projects must have been developed or
completed within the past 12 months to be eligible.
Please visit the following Fukuoka website for additional details or to enter:
http://www.myfukuoka.com/events/2012-fukuoka-ruby-award-competition
Cheers.
Posted by James Edward Gray II on 12 Oct 2011
Hello, and thank you for getting into our community.
I know most of you more or less use version 1.8.7 of Ruby today. It
was released in 2008 and was a state-of-the-art Ruby release back then.
—I am proud to say it is no longer. Ruby’s core developers have
been actively working on their new version, 1.9, and they are about
to release the new 1.9.3. I have been using 1.9 for years and now I
cannot go back to the days without it. Rich features. Faster
execution. Rubygems integrated. Rails works perfectly. I cannot but
say it is totally wonderful. Everyone please, use 1.9.
But at the same time I know you cannot switch to 1.9 right now for
various reasons. Maybe you have already deployed your
application with 1.8.7. Maybe you use a 3rd party library and that is
for 1.8.7 only. Or maybe your Linux distribution only supports 1.8.7.
So I hereby announce to you how long you can stick to it. It is OK if you
are using 1.8.7 today but after a while, it will be shut down.
Please be ready.
Schedule:
We continue to provide normal maintenance for 1.8.7 as usual, until
June 2012. You can safely assume we provide bugfixes and no
incompatibility shall be introduced.
After that we stop bugfixes. We still provide security fixes until
June 2013, in case you are still using 1.8.7.
We will no longer support 1.8.7 in all senses after June 2013.
Posted by Urabe Shyouhei on 06 Oct 2011
Ruby 1.9.3 rc1 has been released. This is a second preview of the next version and there are still minor known issues.
But they will be fixed in the next release, ruby 1.9.3-p0.
See ChangeLogs and NEWS for the descriptions.
Posted by Shota Fukumori on 24 Sep 2011
We are looking for the best speakers willing to share their skills and experience with developers and managers.
This year, ConFoo is dedicated to software development, project management and best practices.
The technical part covers different aspects of Web development such as: Ruby, PHP, Python, .Net, Java, security, content management systems, frameworks, databases, system administration, Web standards, mobile development, accessibility and software architecture.
The management and best practices parts include: project management, agile methodology, referencing (SEO), Web marketing analysis, social networking, and start-ups.
The conference will be held in Montreal from February 29th to March 2nd, 2012 at the prestigious Hotel Hilton Bonaventure and will be preceded by a few days of training.
Talk proposals must be received by September 2nd, 2011.
Visit ConFoo.ca in order to submit a proposal.
Posted by James Edward Gray II on 11 Aug 2011
Ruby 1.9.3 preview1 has been released. This is a first preview of the next version and there are still minor known issues.
But they will be fixed in the next release, Ruby 1.9.3-p0.
See ChangeLogs and NEWS for the descriptions.
Ruby Inside has published a review of this release.
Posted by Moru on 01 Aug 2011
Ruby 1.9.2-p290 is released.
This release doesn’t include any security fixes, but many bugs are fixed in this release.
Posted by Shota Fukumori on 15 Jul 2011
Ruby 1.8.7 was released on June 1st, 2008. In commemoration
of the third anniversary of Ruby 1.8.7, we have a new
patchlevel release today. It includes several bug fixes.
For details, please read the ChangeLog.
Posted by Urabe Shyouhei on 02 Jul 2011
Ruby’s issue tracker will be down from 2011-02-23 10:00+09:00 to 24:00 for planned maintenance.
If you have any issue to report, I am afraid you will have to post a mail to the ruby-core mailing list or wait until I finish the maintenance.
Posted by Yugui on 22 Feb 2011
The Exception#to_s method can be used to trick the $SAFE check, which allows untrusted code to modify arbitrary strings.
Posted by Urabe Shyouhei on 18 Feb 2011
A symlink race condition vulnerability was found in
FileUtils.remove_entry_secure. The vulnerability allows local users
to delete arbitrary files and directories.
Posted by Urabe Shyouhei on 18 Feb 2011