Ruby 3.4.9 Released
Ruby 3.4.9 has been released. This release includes an update to the zlib gem addressing CVE-2026-27820 , along with other bug fixes. Please see the GitHub releases for further details. We recommend updating your version of the zlib gem. This release has been made for the convenience of those who wish to continue using it as a default gem. Download https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.9.tar.gz SIZE: 22456968 SHA1: 6386200753caf4e336dafceeee165fa73fd234ec SHA256: 7bb4d4f5e807cc27251d14d9d6086d182c5b25875191e44ab15b709cd7a7dd9c SHA512: ac7147c0e575cf74f669abb991ee8695d4191c919f306f124b3ee85d6b61361e752a4f1afb7bdffb49aee21edace1fcc9bf2b074ada15fa6c1eb611354c1d54b https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.9.tar.xz SIZE: 16682004 SHA1: 1eb1b0b45b9e9191de9d2f360164e60eedf77012 SHA256: 4231c54072601a171faed1699f105985e9971c94cd382b78feb4eb44eec2dd1a SHA512: 356fb47cc56f2d25198cb95253fc20ff7d9a6fd1fa53bc475e5c440012aebe27562537c399d271357235114ade263fd625029b66cb0f9b526f9c04f169fb9580 https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.9.zip SIZE: 27645906 SHA1: 8c4312fe946c7eaa269e5c7cee90f3b7350235b5 SHA256: a4dd555fddefcdd4a58d2169a568f5887b125edbbda2815ea826ca1833dc41ec SHA512: 1c6cc4d03edb071f79f9ae41d43defa8393b467d30000e89ee872c6fe99bde015421cb1dd3ecfd5f0359c1c095b60833a95cd5f6c4397358f8ed98eace8720e2 Release Comment Many committers, developers, and users who provided bug reports helped us make this release. Thanks for their contributions. Posted by nagachika on 11 Mar 2026
Ruby 3.4.9 Released
The Ruby community has announced the release of Ruby 3.4.9, a minor update to the Ruby 3.4 series. This version focuses on addressing critical security vulnerabilities and improving stability for users who continue to rely on the Ruby 3.4 branch. The release was made available on March 11, 2026, and is primarily intended for those who wish to maintain compatibility with older applications or systems that have not yet migrated to newer Ruby versions.
The most significant update in Ruby 3.4.9 is the inclusion of a patch for CVE-2026-27820, a vulnerability in the zlib gem that could potentially allow remote code execution. This security flaw has been addressed in this release, ensuring that users of Ruby 3.4.9 are protected from this particular threat. In addition to the zlib fix, the release also includes a number of other bug fixes that have been reported by the Ruby community. These improvements aim to enhance the overall stability and reliability of the Ruby 3.4.9 version.
Ruby 3.4.9 is available for download in three formats: a tarball (.tar.gz), a xz-compressed tarball (.tar.xz), and a zip archive (.zip). The files can be found on the official Ruby language website at the following URLs:
- Ruby 3.4.9 tarball: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.9.tar.gz
- Ruby 3.4.9 xz-compressed tarball: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.9.tar.xz
- Ruby 3.4.9 zip archive: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.9.zip
Each file includes a SHA1, SHA256, and SHA512 checksum for verification purposes. Users are encouraged to download and verify the integrity of the files before installing Ruby 3.4.9.
The Ruby development team has emphasized the importance of this release, particularly for those who are unable or unwilling to upgrade to newer Ruby versions. The team acknowledges the contributions of numerous committers, developers, and users who have reported bugs and provided valuable feedback that led to the improvements in this release.
While Ruby 3.4.9 is not a major version update, it represents an important step in maintaining the security and stability of the Ruby 3.4 branch. Users who are still reliant on Ruby 3.4 are advised to update to this version to address the critical vulnerability in the zlib gem and benefit from the additional bug fixes.
In conclusion, the Ruby 3.4.9 release is a significant update for those who continue to use the Ruby 3.4 series. By addressing the CVE-2026-27820 vulnerability and incorporating other bug fixes, this version ensures that users can enjoy a more secure and stable Ruby environment. The Ruby community remains committed to providing timely updates and improvements to support the ongoing needs of its users.
