-
Notifications
You must be signed in to change notification settings - Fork 5.3k
Security
Jemma Issroff edited this page Jun 8, 2023
·
2 revisions
Security vulnerabilities should be reported via an email to security@ruby-lang.org, which is a private mailing list.
DO NOT report them via redmine because redmine publishes the reported problems immediately.
The security team discusses about and fixes the vulnerability as soon as possible.
- Releases a new patch-level release of Ruby, or publishes a patch.
- Sends an email to ruby-talk and ruby-list.
- Posts an article to the news page on www.ruby-lang.org.
- Adds a link to the article into the security page on www.ruby-lang.org.
The security team consists of some of committers and other security specialists.
Release managers and distributors, who creates and distributes package of Ruby - e.g. a package manager of Ruby in some Linux distribution, should subscribe security@ruby-lang.org.
- Developer How To, Developer How To JA
- How To Contribute
- How To Report, How To Report JA
- How To Request Backport
- How To Request Features
- Developers Meeting