RubyGems is not vulnerable to the xz/liblzma backdoor - RubyGems Blog

05-Apr-2024 731
The past few days have seen the security world focused on the revelation of the xz/liblzma backdoor. For more background, see this early writeup of the issue, this GitHub Gist, this detailed timeline, and the official detail page for CVE-2024-3094.In response to the backdoor becoming public, we have done an internal audit not just of the software used to run RubyGems.org itself, but also every gem that has ever been published.We are happy to report that RubyGems.org is not vulnerable to this issue. Furthermore, we are happy to confirm that no gem currently published on RubyGems.org contains the vulnerable liblzma library.
Use coupon code:

RUBYONRAILS

to get 30% discount on our bundle!
Prepare for your next tech interview with our comprehensive collection of programming interview guides. Covering JavaScript, Ruby on Rails, React, and Python, these highly-rated books offer thousands of essential questions and answers to boost your interview success. Buy our 'Ultimate Job Interview Preparation eBook Bundle' featuring 2200+ questions across multiple languages. Ultimate Job Interview Preparation eBook Bundle