Download Latest Version
v1.3.7 source code.tar.gz (1.2 MB)
Get an email when there's a new version of Concurrent Ruby
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| README.md | 2026-06-16 | 1.7 kB | |
| v1.3.7 source code.tar.gz | 2026-06-16 | 1.2 MB | |
| v1.3.7 source code.zip | 2026-06-16 | 1.4 MB | |
| Totals: 3 Items | 2.5 MB | 1 | |
There are 3 security fixes in this release, so updating is recommended.
These security vulnerabilities are not very likely to be hit in practice and have a corresponding Low severity score.
What's Changed
- CVE-2026-54904
AtomicReference#updatelivelocks when the stored value isFloat::NAN. Fix by @Earlopain and @eregon - CVE-2026-54905
ReentrantReadWriteLockread-count overflow grants a write lock without exclusivity. Fix by @Earlopain - CVE-2026-54906
ReadWriteLockallows wrong-thread write release and stray read-release counter corruption. Fix by @Earlopain - concurrent-ruby-ext: fix build on Darwin 32-bit by @barracuda156 in https://github.com/ruby-concurrency/concurrent-ruby/pull/1064
- Add SECURITY.md by @eregon in https://github.com/ruby-concurrency/concurrent-ruby/pull/1104
- Add Ruby 4.0 in CI by @eregon in https://github.com/ruby-concurrency/concurrent-ruby/pull/1106
New Contributors
- @barracuda156 made their first contribution in https://github.com/ruby-concurrency/concurrent-ruby/pull/1064
Full Changelog: https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.3.6...v1.3.7
