| layout |
|---|
site |
We care deeply about providing a secure Ruby environment for running your code. If you find a security issue, please send an email to [email protected]. In order to keep your message safe, you can use our public key to send the report to us.
The public key can be found in the Rubinius repository under security.pub on the website at http://rubini.us/security.pub, and in the MIT PGP database.
We will do our best to respond to you within 72 hours and will work with you to create a fix for the issue. Sending an email to [email protected] will not result in a public disclosure. We will work with you for on a public disclosure after we have a fix ready.
For security issues for extensions that are copies from CRuby, please report them there directly. The instructions can be found at http://www.ruby-lang.org/en/security/. We track those issues as well and are informed by their security team. This makes sure Rubinius also gets updated with these security fixes.