Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.1154 Support of Ruby 2.3 has ended 5 April 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Ruby 2.3 Publisher: rails Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Reduced Security -- Unknown/Unspecified Resolution: Patch/Upgrade Original Bulletin: https://www.ruby-lang.org/en/news/2019/03/31/support-of-ruby-2-3-has-ended/ - --------------------------BEGIN INCLUDED TEXT-------------------- Support of Ruby 2.3 has ended Posted by antonpaisov on 31 Mar 2019 We announce that all support of the Ruby 2.3 series has ended. After the release of Ruby 2.3.7 on March 28, 2018, the support of the Ruby 2.3 series was in the security maintenance phase. Now, after one year has passed, this phase has ended. Therefore, on March 31, 2019, all support of the Ruby 2.3 series ends. Security and bug fixes from more recent Ruby versions will no longer be backported to 2.3. There won t be any patches of 2.3 either. We highly recommend that you upgrade to Ruby 2.6 or 2.5 as soon as possible. About currently supported Ruby versions Ruby 2.6 series Currently in normal maintenance phase. We will backport bug fixes and release with the fixes whenever necessary. And, if a critical security issue is found, we will release an urgent fix for it. Ruby 2.5 series Currently in normal maintenance phase. We will backport bug fixes and release with the fixes whenever necessary. And, if a critical security issue is found, we will release an urgent fix for it. Ruby 2.4 series Currently in security maintenance phase. We will never backport any bug fixes to 2.4 except security fixes. If a critical security issue is found, we will release an urgent fix for it. We are planning to end the support of the Ruby 2.4 series on March 31, 2020. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXKaXHWaOgq3Tt24GAQj5MBAAxmkyFb5AhX4FlRX4ATQ3g+P7ClVoT29O C0q+UT1X7+Am1jTAAl6CQMyRqmZEhtBfngiZZ9RCpfwvt1TqLVM+h6Trn8HCitmX kpZp871qHjgRah1TBugQ162mL6Nah4Ke5OSotqFrmPkaf7LQzvUXm5StpSPE1D22 mJxDORagPqP6IbVKzANRiQeKeQ1xrDNtNxpzh5xGRHzwR9Q3oNJUYqnYXb2eFrYy SvImP9Up4SKYHO+pseTFT+Gh8R16a3n6v77wg/hDCSgBccD/OMwT/muqwHd/cf4H yZZuyJFBEG5zQtM9SX5/85yxPWrrS7/yZlGtvwcbT7npWV3dFulqfhljX4oO0d6f mzRrwvBYExl44n55babXQwavopexHyDTOnv0vmZkVyG4KTBJ6TxD1O+2zQHW21hP TDWJ+E1mJYvjDWKFsuR6DKPZEXKuS23XCra1cqD24t+c/000P8BqxhoxjSfGCGrv o0tlq3B4Gp89s+833drTekN5jmxlpvVk7VJImxdSDu4FSe+U42AwJ+s0vATP0yuM rf8yO8xM8wHy2wnyz8q7+pKdjirX4aQj8uMF4URT2bhgeTwjvsgwaZyM5IQSsz+e f3TS+9fY8X/lJS6novH+RzBWvJjrlXThZM0J+cJkEgopkoL+U0Nh2Ffkwijow0Vb fOaexbNuSNQ= =4oSq -----END PGP SIGNATURE-----