|
Ruby 2.7.6 has been released.
This release includes a security fix. Please check the topics below for
details.
CVE-2022-28739: Buffer overrun in String-to-Float conversion
This release also includes some bug fixes. See the commit logs for further
details.
After thies release, we end the normal maintenance phase of Ruby 2.7, and
Ruby 2.7 enters the security maintenance phase. This means that we will no
longer backport any bug fixes to Ruby 2.7 excpet security fixes. Ther term
of the security maintenance pahse is scheduled for a year. Ruby 2.7 reaches
EOL and its official support ends by the end of the security maintenance
phase. Therefore, we recommend that you start to plan upgrade to Ruby 3.0
or 3.1.
|
