3.2.4
Security fix
- CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
- CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
- CVE-2024-27280: Buffer overread vulnerability in StringIO
What's Changed
- Bug #19967: Already installed libruby.dylib is used for test on macOS
- Bug #19973: Duplicate keyword argument names don't always warn
- Bug #18743: Enumerator#next / peek re-use each others stacktraces
- Fix test session reuse but expire by nurse · Pull Request #9824
- Bug #20231: Don't wait in io_binwrite_string if not necessary.
- Bug #20194: Memory leak with TracePoint on bmethod
- Bug #20190:
invalid_encoding_string << number
should be valid encoding in some case, but does not - Bug #20245: Crash when checking symbol encoding
- Bug #19592: Unable to statically link a single extension in 3.2.x and >=3.1.4
- Bug #20327: Time.new behaves differently when passing a zone as timezone object
- Bug #20050: Segfault on Ruby 3.2.2 (and 3.1) on x86_64 Darwin 20 (rb_id_table_lookup for #hash)
Note: This list is automatically generated by tool/gen-github-release.rb. Because of this, some commits may be missing.