JRuby v9.2.11.1 Release Notes

Release Date: 2020-03-25 // over 1 year ago
  • ๐Ÿš€ The JRuby community is pleased to announce the release of JRuby 9.2.11.1

    โฌ†๏ธ JRuby 9.2.x is compatible with Ruby 2.5.x and stays in sync with C Ruby. As always there is a mix of miscellaneous fixes so be sure to read the issue list below. All users are encouraged to upgrade.

    ๐Ÿš€ As we are actively working on 9.3.0.0 we decided to put out a mini release which fixes a single issue.

    • ๐Ÿ–จ sprintf substring string formatting with precision may expose characters (#6137)

    ๐Ÿ‘€ If you format a string using a precision specifier (e.g. %.1s) AND you pass in a substring of a larger string, you may see some of the larger string's characters in the formatted result. This is due to a bug in the handling of internal String data that causes the result to contain more characters than requested.

    long\_string = "aabbccddhelloddccbbaa"start\_index = 8sub\_str\_length = 5precision = 3sub\_string = long\_string[start\_index, sub\_str\_length]puts sprintf("%.#{precision}s", sub\_string)# =\> helloddccbb
    

    โฌ†๏ธ This bug could potentially expose sensitive content from the original String. It is unlikely to affect most users, but you are still encouraged to upgrade.

    Github Issues resolved for 9.2.11.1

    • ๐Ÿ–จ #6138 - Subtract begin offset for partial substring in sprintf 's'
    • ๐Ÿ–จ #6137 - sprintf adds extra buffer slots when precision arg truncates string slices

Previous changes from v9.2.11.0

  • ๐Ÿš€ The JRuby community is pleased to announce the release of JRuby 9.2.11.0

    โฌ†๏ธ JRuby 9.2.x is compatible with Ruby 2.5.x and stays in sync with C Ruby. As always there is a mix of miscellaneous fixes so be sure to read the issue list below. All users are encouraged to upgrade.

    Java Integration

    • ๐Ÿ“ฆ Gems and gem paths packaged inside jar files will properly load now. This 9.2.10.0 regression was caused by a change in RubyGems 3 that exposed a bug in JRuby. (#6060, #6082, #6083, #6084)

    ๐ŸŽ Performance Improvements

    • ๐Ÿ›  Fixed a major performance and memory bottleneck in backtrace generation, used by Kernel#caller and friends. This was a regression in 9.2.10.0. (#6089)

    Github Issues resolved for 9.2.11.0

    • โช #6097 - CGI.escapeHTML restore the original encoding
    • ๐Ÿ’Ž #6093 - CGI.escapeHTML crashes on invalid byte sequence where CRuby does not
    • ๐Ÿ’Ž #6091 - Check arity earlier in JavaConstructor#new_instance
    • ๐Ÿ’Ž #6090 - [9.2.10.0] bogus revision regression
    • ๐ŸŽ #6089 - Pontential performance issue
    • ๐Ÿ’Ž #6084 - Use expand_path logic for Dir.glob base path
    • โœ… #6083 - Basic smoke test with warbler no longer works with jruby-jars-9.2.10
    • โฌ†๏ธ #6082 - Upgrade to 9.2.10.0 breaks project using asciidoctor-maven-plugin
    • ๐Ÿ’Ž #6081 - Dependency convergence errors in 9.2.10.0
    • ๐Ÿ’Ž #6079 - newInstance on protected/private classes sometimes give an Index OOB Exception
    • ๐Ÿ’Ž #6060 - Globbed jar contents with expand path failing in RubyGems