Posted by hsbt on 27 Jun 2013
Now Ruby 1.8.7-p374 is released.
This release includes follow security fixes:
- Hostname check bypassing vulnerability in SSL client (CVE-2013-4073)
- Entity expansion DoS vulnerability in REXML (XML bomb, CVE-2013-1821)
Download
- 
    https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p374.tar.bz2 SIZE: 4250351 bytes MD5: 83c92e2b57ea08f31187060098b2200b SHA256: b4e34703137f7bfb8761c4ea474f7438d6ccf440b3d35f39cc5e4d4e239c07e3
- 
    https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p374.tar.gz SIZE: 4903749 bytes MD5: b72a0bc5b824398537762e5272bbb8dc SHA256: 876eeeaaeeab10cbf4767833547d66d86d6717ef48fd3d89e27db8926a65276c
- 
    https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p374.zip SIZE: 6000586 bytes MD5: 07b1b9032b616faeafb5ac1063494925 SHA256: ed1fcc402d77814b277e2ef552c5f1e4ce3b6d1affacf5d6ba845ec0d4df67d0
Release Comment
Many people (committers, contributors and reporters) helped me to make this release. Thank you!