Hi, all

We've just released Ruby 2.6.5, 2.5.7 and 2.4.8.
How to download and details:

* [Ruby 2.6.5 Released](https://www.ruby-lang.org/en/news/2019/10/01/ruby-2-6-5-released/)
* [Ruby 2.5.7 Released](https://www.ruby-lang.org/en/news/2019/10/01/ruby-2-5-7-released/)
* [Ruby 2.4.8 Released](https://www.ruby-lang.org/en/news/2019/10/01/ruby-2-4-8-released/)


These releases include some security fixes.
You can check details:

* [CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test](https://www.ruby-lang.org/en/news/2019/10/01/code-injection-shell-test-cve-2019-16255/)
* [CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)](https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/)
* [CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?](https://www.ruby-lang.org/en/news/2019/10/01/nul-injection-file-fnmatch-cve-2019-15845/)
* [CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication](https://www.ruby-lang.org/en/news/2019/10/01/webrick-regexp-digestauth-dos-cve-2019-16201/)

We strongly recommend to upgrade your ruby installations as soon as
possible.


Regards,
-- 
U.Nakamaura <usa / garbagecollect.jp>


Unsubscribe: <mailto:ruby-talk-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-talk>