From ef5d891f6b3908294bd10ed34fb0efb1dbc2905f Mon Sep 17 00:00:00 2001 From: GitHub Actions Bot Date: Tue, 21 Apr 2026 08:45:46 +0000 Subject: [PATCH 1/2] Create release for 4.0.3 --- _data/downloads.yml | 2 +- _data/releases.yml | 24 +++++++++++ .../_posts/2026-04-21-ruby-4-0-3-released.md | 42 +++++++++++++++++++ 3 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 en/news/_posts/2026-04-21-ruby-4-0-3-released.md diff --git a/_data/downloads.yml b/_data/downloads.yml index 8e6a2e3cf2..00863f4e3e 100644 --- a/_data/downloads.yml +++ b/_data/downloads.yml @@ -7,7 +7,7 @@ preview: stable: - - 4.0.2 + - 4.0.3 - 3.4.9 - 3.3.11 - 3.2.11 diff --git a/_data/releases.yml b/_data/releases.yml index d857565d25..e2a8d8f22f 100644 --- a/_data/releases.yml +++ b/_data/releases.yml @@ -21,6 +21,30 @@ # 4.0 series +- version: 4.0.3 + date: 2026-04-21 + post: /en/news/2026/04/21/ruby-4-0-3-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/4.0/ruby-4.0.3.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/4.0/ruby-4.0.3.zip + xz: https://cache.ruby-lang.org/pub/ruby/4.0/ruby-4.0.3.tar.xz + size: + gz: 23806898 + zip: 29109899 + xz: 17878572 + sha1: + gz: 619db0f25713a8f007d5889ae6e66ba0d31118e8 + zip: d19d91723d7a19a34b860eee8544093f64c9d92f + xz: faf1f3df171d2160116d190ca32b6b00e0338bfa + sha256: + gz: 77964acc370d5c8375b9502e5ba6c13c03ef91ab9eb9f521c84fb42b9c9a6b0f + zip: a80f1a3162950cfc1ef70f066132005efbb817f7ab6f16dcc244e5f015aabbc2 + xz: 22cf6005d25bbe496b5ebe9224d63a1aaabfbfe02591bb5d612517c5a7836f29 + sha512: + gz: 6fd12620869a9a36fa2e1cce302de42f429ab9e9fae1fe3b0901ca1a1b3a606a83feed87f4b76935beb715e8a750cf718f88afef2de4e866ad574b33abb12dbe + zip: 48b18fc578b5d7cd362a549ff5091c749d0460122f5dc3701fd6dada8016253fe0e85c498e20943e1a7f360b1e9fd073939da00df4b0c8a1afdddc16c43e43bc + xz: 5816fb264ce76df59f4bfe0cadceb45025fada2e61f2c14024d6b03f63d304820cddf94afcf82a4951fd12f3b0d9148683f856f3f2245d56042fc8407b6cbff5 + - version: 4.0.2 date: 2026-03-16 post: /en/news/2026/03/16/ruby-4-0-2-released/ diff --git a/en/news/_posts/2026-04-21-ruby-4-0-3-released.md b/en/news/_posts/2026-04-21-ruby-4-0-3-released.md new file mode 100644 index 0000000000..53d540b53c --- /dev/null +++ b/en/news/_posts/2026-04-21-ruby-4-0-3-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 4.0.3 Released" +author: +translator: +date: 2026-04-21 08:45:44 +0000 +lang: en +--- + +Ruby 4.0.3 has been released. + +Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v4.0.3) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "4.0.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. From 11738c85dec4c9e581aab3ae69707579abff6e83 Mon Sep 17 00:00:00 2001 From: Takashi Kokubun Date: Tue, 21 Apr 2026 18:09:50 +0900 Subject: [PATCH 2/2] Write up the 4.0.3 release --- en/news/_posts/2026-04-21-ruby-4-0-3-released.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/en/news/_posts/2026-04-21-ruby-4-0-3-released.md b/en/news/_posts/2026-04-21-ruby-4-0-3-released.md index 53d540b53c..9b7271e1cf 100644 --- a/en/news/_posts/2026-04-21-ruby-4-0-3-released.md +++ b/en/news/_posts/2026-04-21-ruby-4-0-3-released.md @@ -1,7 +1,7 @@ --- layout: news_post title: "Ruby 4.0.3 Released" -author: +author: k0kubun translator: date: 2026-04-21 08:45:44 +0000 lang: en @@ -9,7 +9,15 @@ lang: en Ruby 4.0.3 has been released. -Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v4.0.3) for further details. +This release only contains ERB 6.0.1.1, which fixes [CVE-2026-41316](https://www.ruby-lang.org/en/news/2026/04/21/erb-cve-2026-41316/). + +If your application calls Marshal.load on untrusted data AND has both erb and activesupport loaded, please update your ERB to one of those versions. You can use this Ruby 4.0.3 release to do so. + +## Release Schedule + +We intend to release the latest stable Ruby version (currently Ruby 4.0) every two months following the most recent *regular* release. Ruby 4.0.4 will be released in May, 4.0.5 in July, 4.0.6 in September, and 4.0.7 in November. + +If a change arises that significantly affects users, a release may occur earlier than planned, and the subsequent schedule may shift accordingly. ## Download