3.1.5
Security fix
- CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
- CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
- CVE-2024-27280: Buffer overread vulnerability in StringIO
What's Changed
- Use vcpkg instead of chocolatey for openssl by nurse · Pull Request #7788
- Skip drb tests on mswin by nurse · Pull Request #7789
- Fix test-bundled-gems for Ruby 3.1 by hsbt · Pull Request #7935
- Bug #19323: Integer overflow in
Integer#<<
- Bug #19439: Marshal.load doesn't load Regexp instance variables
- Bug #19532: Handling of 6-byte codepoints in left_adjust_char_head in CESU-8 encoding is broken
- Bug #19585: Ruby Fails to Build on macOS with --enable-shared and --with-jemalloc
- CVE-2023-36617 for Ruby 3.1 by hsbt · Pull Request #7996
- Bug #19593: Crash due to throw data set as cause
- Bug #19580: Ensure ruby_xfree won't segfault if called after ruby_vm_destruct
- Bug #19577: Backport commit 537183cd2ac0163851277b46a2f21ea5914c11c0
- Bug #19739: String coderange not cleared by String#slice!
- Bug #19379: Regex: "end pattern with unmatched parenthesis" with Ruby 3.2 and interpolation
- Bug #19543: Resizing IO::Buffer to zero bytes fails
- Bug #19084: Using
IO::Buffer
to change an extended String affects other Strings sharing the same buffer - Bug #19602:
PLATFORM_GET_INC
is broken unless unaligned word access is allowed - Bug #19025: Ripper cannot parse syntax ok code that has numbered parameters
- Bug #19788: Ripper returns a symbol instead of a token as operator for "::"
- Bug #19246: Rebuilding the loaded feature index much slower in Ruby 3.1
- Bug #19855: Array#bsearch gets wrong result when its block returns a non-integer numeric value.
- Bug #19880: Missing write barrier in iseq instruction list
- Bug #18914: Segmentation fault during Ruby test suite execution
- Bug #19894: Memory leak in complemented method entries
- Bug #19778: mkmf.rb pkg_config() interaction with RbConfig::CONFIG["cflags"]
- Relax matching pattern for rake version for Ruby 3.1 by hsbt · Pull Request #8798
- Bug #18991: False LocalJumpError when branch coverage is enabled
- Bug #19754:
IO::Buffer#get_string
raises unsuitable exception for too large offset - Bug #19985: Confusing error message when nonexistent
Pathname
forrequire
- Merge RubyGems-3.3.27 and Bundler-2.3.27 by hsbt · Pull Request #8889
- Use bundler-2.3.27 for Ruby 3.1 by hsbt · Pull Request #8895
- Lock gem versions for C ext dependencies by hsbt · Pull Request #8918
- Bug #19969: Regression of memory usage with Ruby 3.1
- Fix test session reuse but expire by nurse · Pull Request #9824
Note: This list is automatically generated by tool/gen-github-release.rb. Because of this, some commits may be missing.