Since the early days of Ruby, Ruby Central, Inc. has served as an organizational anchor for our community. Starting in 2001, with the organization of the first International Ruby Conference, we have been responsible for running RubyConf and subsequently RailsConf. Thanks to you all, our conferences have enjoyed broad, sustainable success, endowing us with a solid financial foundation, which we the
Summary RubyGems.org contained a bug that could allow an attacker to replace some .gem files on our servers with a different file that they supplied. We deployed a partial fix on April 2nd and a complete fix on April 4th, 2016. We also verified every .gem uploaded after Feb 8th, 2015, and found that none of them had been replaced. Gems whose name contains a dash (e.g. ‘blank-blank’) uploaded befor
TL;DR: We were able to verify that all gems served by rubygems.org are tamper-free. The Incident As most people are aware, on January 30th rubygems.org was hit with a rogue code execution vulnerability. Much has been written (and will be written) about why the bug existed and how we’re going to be dealing with making sure it never happens again. Data Verification Right now, I want to let everyone
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く