Originally appeared on André Arko.
This post was originally given as a talk at Rubycon IT 2026. The
Rubyland: Rubyland
Originally appeared on Noteflakes.
I’ve always been interested in coding as a craft - a thing to do with your hands, your eyes and your mind. In many ways, I feel that a lot of the satisfaction and accomplishment I get from making software comes from the pr...
Originally appeared on RubySec.
Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbit...
Originally appeared on RubySec.
### Summary Two `Net::IMAP` commands, `#id` and `#enable`, do not validate their arguments. Arguments to either command could be used by an attacker to inject arbitrary IMAP commands. Please note that passing untrusted inputs to ...
Originally appeared on RubySec.
### Summary Several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next com...