Ruby/nokogiri/1.13.6

Nokogiri (鋸) makes it easy and painless to work with XML and HTML from Ruby. It provides a sensible, easy-to-understand API for reading, writing, modifying, and querying documents. It is fast and standards-compliant by relying on native parsers like libxml2, libgumbo, or xerces.

https://rubygems.org/gems/nokogiri
MIT

4 Security Vulnerabilities

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs

Published date: 2022-10-18T18:12:31Z
Links:

Summary

Nokogiri v1.13.9 upgrades the packaged version of its dependency libxml2 to v2.10.3 from v2.9.14.

libxml2 v2.10.3 addresses the following known vulnerabilities:

Please note that this advisory only applies to the CRuby implementation of Nokogiri < 1.13.9, and only if the packaged libraries are being used. If you've overridden defaults at installation time to use system libraries instead of packaged libraries, you should instead pay attention to your distro's libxml2 release announcements.

Mitigation

Upgrade to Nokogiri >= 1.13.9.

Users who are unable to upgrade Nokogiri may also choose a more complicated mitigation: compile and link Nokogiri against external libraries libxml2 >= 2.10.3 which will also address these same issues.

Impact

libxml2 CVE-2022-2309

  • CVSS3 score: Under evaluation
  • Type: Denial of service
  • Description: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Nokogiri maintainers investigated at #2620 and determined this CVE does not affect Nokogiri users.

libxml2 CVE-2022-40304

  • CVSS3 score: Unspecified upstream
  • Type: Data corruption, denial of service
  • Description: When an entity reference cycle is detected, the entity content is cleared by setting its first byte to zero. But the entity content might be allocated from a dict. In this case, the dict entry becomes corrupted leading to all kinds of logic errors, including memory errors like double-frees.

See https://gitlab.gnome.org/GNOME/libxml2/-/commit/644a89e080bced793295f61f18aac8cfad6bece2

libxml2 CVE-2022-40303

  • CVSS3 score: Unspecified upstream
  • Type: Integer overflow
  • Description: Integer overflows with XMLPARSEHUGE

See https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0

References

Affected versions: ["1.11.0.rc3", "1.11.0.rc2", "1.11.0.rc1", "1.10.10", "1.10.9", "1.10.8", "1.10.7", "1.10.6", "1.10.5", "1.10.4", "1.10.3", "1.10.2", "1.10.1", "1.10.0", "1.10.0.rc1", "1.9.1", "1.9.0", "1.9.0.rc1", "1.8.5", "1.8.4", "1.8.3", "1.8.2", "1.8.1", "1.8.0", "1.7.2", "1.7.1", "1.7.0.1", "1.7.0", "1.6.8.1", "1.6.8", "1.6.8.rc3", "1.6.8.rc2", "1.6.8.rc1", "1.6.7.2", "1.6.7.1", "1.6.7", "1.6.7.rc4", "1.6.7.rc3", "1.6.7.rc2", "1.6.6.4", "1.6.6.3", "1.6.6.2", "1.6.6.1", "1.6.5", "1.6.4.1", "1.6.4", "1.6.3.1", "1.6.3", "1.6.3.rc3", "1.6.3.rc2", "1.6.3.rc1", "1.6.2.1", "1.6.2", "1.6.2.rc3", "1.6.2.rc2", "1.6.2.rc1", "1.6.1", "1.6.0", "1.6.0.rc1", "1.5.11", "1.5.10", "1.5.9", "1.5.8", "1.5.7", "1.5.7.rc3", "1.5.7.rc2", "1.5.7.rc1", "1.5.6", "1.5.6.rc3", "1.5.6.rc2", "1.5.6.rc1", "1.5.5", "1.5.5.rc3", "1.5.5.rc2", "1.5.5.rc1", "1.5.4", "1.5.4.rc3", "1.5.4.rc2", "1.5.4.rc1", "1.5.3", "1.5.3.rc6", "1.5.3.rc5", "1.5.3.rc4", "1.5.3.rc3", "1.5.3.rc2", "1.5.2", "1.5.1", "1.5.1.rc1", "1.5.0", "1.5.0.beta.4", "1.5.0.beta.3", "1.5.0.beta.2", "1.5.0.beta.1", "1.4.7", "1.4.6", "1.4.5", "1.4.4.2", "1.4.4.1", "1.4.4", "1.4.3.1", "1.4.3", "1.4.2.1", "1.4.2", "1.4.1", "1.4.0", "1.3.3", "1.3.2", "1.3.1", "1.3.0", "1.2.3", "1.2.2", "1.2.1", "1.2.0", "1.1.1", "1.1.0", "1.0.7", "1.0.6", "1.0.5", "1.0.4", "1.0.3", "1.0.2", "1.0.1", "1.0.0", "1.11.0.rc4", "1.11.0", "1.11.1", "1.11.2", "1.11.3", "1.11.4", "1.11.5", "1.11.6", "1.11.7", "1.12.0.rc1", "1.12.0", "1.12.1", "1.12.2", "1.12.3", "1.12.4", "1.12.5", "1.13.0", "1.13.1", "1.13.2", "1.13.3", "1.13.4", "1.13.5", "1.13.6", "1.13.7", "1.13.8"]
Secure versions: [1.16.2, 1.16.3, 1.15.6, 1.16.4]
Recommendation: Update to version 1.16.4.

Use-after-free in libxml2 via Nokogiri::XML::Reader

Published date: 2024-03-18T20:38:40Z
Links:

Summary

Nokogiri upgrades its dependency libxml2 as follows: - v1.15.6 upgrades libxml2 to 2.11.7 from 2.11.6 - v1.16.2 upgrades libxml2 to 2.12.5 from 2.12.4

libxml2 v2.11.7 and v2.12.5 address the following vulnerability:

CVE-2024-25062 / https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062 - described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/604 - patched by https://gitlab.gnome.org/GNOME/libxml2/-/commit/92721970

Please note that this advisory only applies to the CRuby implementation of Nokogiri, and only if the packaged libraries are being used. If you've overridden defaults at installation time to use system libraries instead of packaged libraries, you should instead pay attention to your distro's libxml2 release announcements.

JRuby users are not affected.

Severity

The Nokogiri maintainers have evaluated this as Moderate.

Impact

From the CVE description, this issue applies to the xmlTextReader module (which underlies Nokogiri::XML::Reader):

When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.

Mitigation

Upgrade to Nokogiri ~> 1.15.6 or >= 1.16.2.

Users who are unable to upgrade Nokogiri may also choose a more complicated mitigation: compile and link Nokogiri against patched external libxml2 libraries which will also address these same issues.

Affected versions: ["1.16.0", "1.16.1", "1.11.0.rc3", "1.11.0.rc2", "1.11.0.rc1", "1.10.10", "1.10.9", "1.10.8", "1.10.7", "1.10.6", "1.10.5", "1.10.4", "1.10.3", "1.10.2", "1.10.1", "1.10.0", "1.10.0.rc1", "1.9.1", "1.9.0", "1.9.0.rc1", "1.8.5", "1.8.4", "1.8.3", "1.8.2", "1.8.1", "1.8.0", "1.7.2", "1.7.1", "1.7.0.1", "1.7.0", "1.6.8.1", "1.6.8", "1.6.8.rc3", "1.6.8.rc2", "1.6.8.rc1", "1.6.7.2", "1.6.7.1", "1.6.7", "1.6.7.rc4", "1.6.7.rc3", "1.6.7.rc2", "1.6.6.4", "1.6.6.3", "1.6.6.2", "1.6.6.1", "1.6.5", "1.6.4.1", "1.6.4", "1.6.3.1", "1.6.3", "1.6.3.rc3", "1.6.3.rc2", "1.6.3.rc1", "1.6.2.1", "1.6.2", "1.6.2.rc3", "1.6.2.rc2", "1.6.2.rc1", "1.6.1", "1.6.0", "1.6.0.rc1", "1.5.11", "1.5.10", "1.5.9", "1.5.8", "1.5.7", "1.5.7.rc3", "1.5.7.rc2", "1.5.7.rc1", "1.5.6", "1.5.6.rc3", "1.5.6.rc2", "1.5.6.rc1", "1.5.5", "1.5.5.rc3", "1.5.5.rc2", "1.5.5.rc1", "1.5.4", "1.5.4.rc3", "1.5.4.rc2", "1.5.4.rc1", "1.5.3", "1.5.3.rc6", "1.5.3.rc5", "1.5.3.rc4", "1.5.3.rc3", "1.5.3.rc2", "1.5.2", "1.5.1", "1.5.1.rc1", "1.5.0", "1.5.0.beta.4", "1.5.0.beta.3", "1.5.0.beta.2", "1.5.0.beta.1", "1.4.7", "1.4.6", "1.4.5", "1.4.4.2", "1.4.4.1", "1.4.4", "1.4.3.1", "1.4.3", "1.4.2.1", "1.4.2", "1.4.1", "1.4.0", "1.3.3", "1.3.2", "1.3.1", "1.3.0", "1.2.3", "1.2.2", "1.2.1", "1.2.0", "1.1.1", "1.1.0", "1.0.7", "1.0.6", "1.0.5", "1.0.4", "1.0.3", "1.0.2", "1.0.1", "1.0.0", "1.11.0.rc4", "1.11.0", "1.11.1", "1.11.2", "1.11.3", "1.11.4", "1.11.5", "1.11.6", "1.11.7", "1.12.0.rc1", "1.12.0", "1.12.1", "1.12.2", "1.12.3", "1.12.4", "1.12.5", "1.13.0", "1.13.1", "1.13.2", "1.13.3", "1.13.4", "1.13.5", "1.13.6", "1.13.7", "1.13.8", "1.13.9", "1.13.10", "1.14.0.rc1", "1.14.0", "1.14.1", "1.14.2", "1.14.3", "1.14.4", "1.15.0", "1.15.1", "1.15.2", "1.14.5", "1.15.3", "1.15.4", "1.15.5"]
Secure versions: [1.16.2, 1.16.3, 1.15.6, 1.16.4]
Recommendation: Update to version 1.16.4.

Update packaged libxml2 to v2.10.4 to resolve multiple CVEs

Published date: 2023-04-11
Links:

Summary

Nokogiri v1.14.3 upgrades the packaged version of its dependency libxml2 to v2.10.4 from v2.10.3.

libxml2 v2.10.4 addresses the following known vulnerabilities:

  • CVE-2023-29469: Hashing of empty dict strings isn't deterministic
  • CVE-2023-28484: Fix null deref in xmlSchemaFixupComplexType
  • Schemas: Fix null-pointer-deref in xmlSchemaCheckCOSSTDerivedOK

Please note that this advisory only applies to the CRuby implementation of Nokogiri < 1.14.3, and only if the packaged libraries are being used. If you've overridden defaults at installation time to use system libraries instead of packaged libraries, you should instead pay attention to your distro's libxml2 release announcements.

Mitigation

Upgrade to Nokogiri >= 1.14.3.

Users who are unable to upgrade Nokogiri may also choose a more complicated mitigation: compile and link Nokogiri against external libraries libxml2 >= 2.10.4 which will also address these same issues.

Impact

No public information has yet been published about the security-related issues other than the upstream commits. Examination of those changesets indicate that the more serious issues relate to libxml2 dereferencing NULL pointers and potentially segfaulting while parsing untrusted inputs.

The commits can be examined at:

Affected versions: ["1.11.0.rc3", "1.11.0.rc2", "1.11.0.rc1", "1.10.10", "1.10.9", "1.10.8", "1.10.7", "1.10.6", "1.10.5", "1.10.4", "1.10.3", "1.10.2", "1.10.1", "1.10.0", "1.10.0.rc1", "1.9.1", "1.9.0", "1.9.0.rc1", "1.8.5", "1.8.4", "1.8.3", "1.8.2", "1.8.1", "1.8.0", "1.7.2", "1.7.1", "1.7.0.1", "1.7.0", "1.6.8.1", "1.6.8", "1.6.8.rc3", "1.6.8.rc2", "1.6.8.rc1", "1.6.7.2", "1.6.7.1", "1.6.7", "1.6.7.rc4", "1.6.7.rc3", "1.6.7.rc2", "1.6.6.4", "1.6.6.3", "1.6.6.2", "1.6.6.1", "1.6.5", "1.6.4.1", "1.6.4", "1.6.3.1", "1.6.3", "1.6.3.rc3", "1.6.3.rc2", "1.6.3.rc1", "1.6.2.1", "1.6.2", "1.6.2.rc3", "1.6.2.rc2", "1.6.2.rc1", "1.6.1", "1.6.0", "1.6.0.rc1", "1.5.11", "1.5.10", "1.5.9", "1.5.8", "1.5.7", "1.5.7.rc3", "1.5.7.rc2", "1.5.7.rc1", "1.5.6", "1.5.6.rc3", "1.5.6.rc2", "1.5.6.rc1", "1.5.5", "1.5.5.rc3", "1.5.5.rc2", "1.5.5.rc1", "1.5.4", "1.5.4.rc3", "1.5.4.rc2", "1.5.4.rc1", "1.5.3", "1.5.3.rc6", "1.5.3.rc5", "1.5.3.rc4", "1.5.3.rc3", "1.5.3.rc2", "1.5.2", "1.5.1", "1.5.1.rc1", "1.5.0", "1.5.0.beta.4", "1.5.0.beta.3", "1.5.0.beta.2", "1.5.0.beta.1", "1.4.7", "1.4.6", "1.4.5", "1.4.4.2", "1.4.4.1", "1.4.4", "1.4.3.1", "1.4.3", "1.4.2.1", "1.4.2", "1.4.1", "1.4.0", "1.3.3", "1.3.2", "1.3.1", "1.3.0", "1.2.3", "1.2.2", "1.2.1", "1.2.0", "1.1.1", "1.1.0", "1.0.7", "1.0.6", "1.0.5", "1.0.4", "1.0.3", "1.0.2", "1.0.1", "1.0.0", "1.11.0.rc4", "1.11.0", "1.11.1", "1.11.2", "1.11.3", "1.11.4", "1.11.5", "1.11.6", "1.11.7", "1.12.0.rc1", "1.12.0", "1.12.1", "1.12.2", "1.12.3", "1.12.4", "1.12.5", "1.13.0", "1.13.1", "1.13.2", "1.13.3", "1.13.4", "1.13.5", "1.13.6", "1.13.7", "1.13.8", "1.13.9", "1.13.10", "1.14.0.rc1", "1.14.0", "1.14.1", "1.14.2"]
Secure versions: [1.16.2, 1.16.3, 1.15.6, 1.16.4]
Recommendation: Update to version 1.16.4.

Use-after-free in libxml2 via Nokogiri::XML::Reader

Published date: 2024-02-04
Links:

Summary

Nokogiri upgrades its dependency libxml2 as follows: - v1.15.6 upgrades libxml2 to 2.11.7 from 2.11.6 - v1.16.2 upgrades libxml2 to 2.12.5 from 2.12.4

libxml2 v2.11.7 and v2.12.5 address the following vulnerability:

CVE-2024-25062 / https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062 - described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/604 - patched by https://gitlab.gnome.org/GNOME/libxml2/-/commit/92721970

Please note that this advisory only applies to the CRuby implementation of Nokogiri, and only if the packaged libraries are being used. If you've overridden defaults at installation time to use system libraries instead of packaged libraries, you should instead pay attention to your distro's libxml2 release announcements.

JRuby users are not affected.

Severity

The Nokogiri maintainers have evaluated this as Moderate.

Impact

From the CVE description, this issue applies to the xmlTextReader module (which underlies Nokogiri::XML::Reader):

When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.

Mitigation

Upgrade to Nokogiri ~> 1.15.6 or >= 1.16.2.

Users who are unable to upgrade Nokogiri may also choose a more complicated mitigation: compile and link Nokogiri against patched external libxml2 libraries which will also address these same issues.

Affected versions: ["1.11.0.rc3", "1.11.0.rc2", "1.11.0.rc1", "1.10.10", "1.10.9", "1.10.8", "1.10.7", "1.10.6", "1.10.5", "1.10.4", "1.10.3", "1.10.2", "1.10.1", "1.10.0", "1.10.0.rc1", "1.9.1", "1.9.0", "1.9.0.rc1", "1.8.5", "1.8.4", "1.8.3", "1.8.2", "1.8.1", "1.8.0", "1.7.2", "1.7.1", "1.7.0.1", "1.7.0", "1.6.8.1", "1.6.8", "1.6.8.rc3", "1.6.8.rc2", "1.6.8.rc1", "1.6.7.2", "1.6.7.1", "1.6.7", "1.6.7.rc4", "1.6.7.rc3", "1.6.7.rc2", "1.6.6.4", "1.6.6.3", "1.6.6.2", "1.6.6.1", "1.6.5", "1.6.4.1", "1.6.4", "1.6.3.1", "1.6.3", "1.6.3.rc3", "1.6.3.rc2", "1.6.3.rc1", "1.6.2.1", "1.6.2", "1.6.2.rc3", "1.6.2.rc2", "1.6.2.rc1", "1.6.1", "1.6.0", "1.6.0.rc1", "1.5.11", "1.5.10", "1.5.9", "1.5.8", "1.5.7", "1.5.7.rc3", "1.5.7.rc2", "1.5.7.rc1", "1.5.6", "1.5.6.rc3", "1.5.6.rc2", "1.5.6.rc1", "1.5.5", "1.5.5.rc3", "1.5.5.rc2", "1.5.5.rc1", "1.5.4", "1.5.4.rc3", "1.5.4.rc2", "1.5.4.rc1", "1.5.3", "1.5.3.rc6", "1.5.3.rc5", "1.5.3.rc4", "1.5.3.rc3", "1.5.3.rc2", "1.5.2", "1.5.1", "1.5.1.rc1", "1.5.0", "1.5.0.beta.4", "1.5.0.beta.3", "1.5.0.beta.2", "1.5.0.beta.1", "1.4.7", "1.4.6", "1.4.5", "1.4.4.2", "1.4.4.1", "1.4.4", "1.4.3.1", "1.4.3", "1.4.2.1", "1.4.2", "1.4.1", "1.4.0", "1.3.3", "1.3.2", "1.3.1", "1.3.0", "1.2.3", "1.2.2", "1.2.1", "1.2.0", "1.1.1", "1.1.0", "1.0.7", "1.0.6", "1.0.5", "1.0.4", "1.0.3", "1.0.2", "1.0.1", "1.0.0", "1.11.0.rc4", "1.11.0", "1.11.1", "1.11.2", "1.11.3", "1.11.4", "1.11.5", "1.11.6", "1.11.7", "1.12.0.rc1", "1.12.0", "1.12.1", "1.12.2", "1.12.3", "1.12.4", "1.12.5", "1.13.0", "1.13.1", "1.13.2", "1.13.3", "1.13.4", "1.13.5", "1.13.6", "1.13.7", "1.13.8", "1.13.9", "1.13.10", "1.14.0.rc1", "1.14.0", "1.14.1", "1.14.2", "1.14.3", "1.14.4", "1.14.5", "1.16.0.rc1", "1.16.0", "1.16.1"]
Secure versions: [1.16.2, 1.16.3, 1.15.6, 1.16.4]
Recommendation: Update to version 1.16.4.

170 Other Versions

Version License Security Released
1.16.4 MIT 2024-04-10 - 18:17 17 days
1.16.3 MIT 2024-03-15 - 21:21 about 1 month
1.16.2 MIT 2024-02-04 - 16:52 3 months
1.16.1 MIT 2 2024-02-03 - 16:27 3 months
1.16.0 MIT 2 2023-12-28 - 00:08 4 months
1.16.0.rc1 MIT 1 2023-12-13 - 22:00 5 months
1.15.6 MIT 2024-03-16 - 13:14 about 1 month
1.15.5 MIT 1 2023-11-17 - 16:13 5 months
1.15.4 MIT 1 2023-08-11 - 19:25 9 months
1.15.3 MIT 1 2023-07-05 - 14:34 10 months
1.15.2 MIT 1 2023-05-24 - 13:31 11 months
1.15.1 MIT 1 2023-05-19 - 14:06 11 months
1.15.0 MIT 1 2023-05-15 - 19:57 12 months
1.14.5 MIT 2 2023-05-24 - 13:04 11 months
1.14.4 MIT 2 2023-05-11 - 18:12 12 months
1.14.3 MIT 2 2023-04-11 - 17:00 about 1 year
1.14.2 MIT 3 2023-02-13 - 17:41 about 1 year
1.14.1 MIT 3 2023-01-30 - 19:40 about 1 year
1.14.0 MIT 3 2023-01-12 - 21:52 over 1 year
1.14.0.rc1 MIT 3 2022-12-29 - 15:47 over 1 year
1.13.10 MIT 3 2022-12-08 - 02:47 over 1 year
1.13.9 MIT 5 2022-10-18 - 15:48 over 1 year
1.13.8 MIT 6 2022-07-23 - 15:50 almost 2 years
1.13.7 MIT 4 2022-07-12 - 14:56 almost 2 years
1.13.6 MIT 4 2022-05-08 - 14:34 almost 2 years
1.13.5 MIT 6 2022-05-04 - 20:41 almost 2 years
1.13.4 MIT 7 2022-04-11 - 20:44 about 2 years
1.13.3 MIT 16 2022-02-22 - 04:52 about 2 years
1.13.2 MIT 16 2022-02-21 - 18:52 about 2 years
1.13.1 MIT 19 2022-01-13 - 16:04 over 2 years
1.13.0 MIT 19 2022-01-06 - 20:53 over 2 years
1.12.5 MIT 19 2021-09-27 - 19:03 over 2 years
1.12.4 MIT 21 2021-08-29 - 21:18 over 2 years
1.12.3 MIT 21 2021-08-10 - 19:32 over 2 years
1.12.2 MIT 21 2021-08-04 - 15:03 over 2 years
1.12.1 MIT 21 2021-08-03 - 15:11 over 2 years
1.12.0 MIT 21 2021-08-02 - 17:34 over 2 years
1.12.0.rc1 MIT 21 2021-07-09 - 20:00 almost 3 years
1.11.7 MIT 21 2021-06-03 - 00:31 almost 3 years
1.11.6 MIT 21 2021-05-26 - 13:16 almost 3 years
1.11.5 MIT 21 2021-05-20 - 03:08 almost 3 years
1.11.4 MIT 21 2021-05-14 - 23:30 almost 3 years
1.11.3 MIT 28 2021-04-07 - 20:33 about 3 years
1.11.2 MIT 28 2021-03-11 - 15:56 about 3 years
1.11.1 MIT 28 2021-01-06 - 05:30 over 3 years
1.11.0 MIT 28 2021-01-04 - 04:20 over 3 years
1.11.0.rc4 MIT 28 2020-12-29 - 16:44 over 3 years
1.11.0.rc3 MIT 29 2020-09-08 - 13:26 over 3 years
1.11.0.rc2 MIT 29 2020-04-01 - 19:18 about 4 years
1.11.0.rc1 MIT 29 2020-02-03 - 13:54 about 4 years
1.10.10 MIT 30 2020-07-06 - 13:40 almost 4 years
1.10.9 MIT 30 2020-03-01 - 19:05 about 4 years
1.10.8 MIT 30 2020-02-10 - 19:44 about 4 years
1.10.7 MIT 32 2019-12-04 - 15:29 over 4 years
1.10.6 MIT 32 2019-12-04 - 00:44 over 4 years
1.10.5 MIT 32 2019-10-31 - 19:29 over 4 years
1.10.4 MIT 40 2019-08-11 - 19:25 over 4 years
1.10.3 MIT 42 2019-04-22 - 17:10 about 5 years
1.10.2 MIT 44 2019-03-25 - 13:03 about 5 years
1.10.1 MIT 44 2019-01-13 - 06:30 over 5 years
1.10.0 MIT 44 2019-01-04 - 15:35 over 5 years
1.10.0.rc1 MIT 44 2019-01-03 - 15:05 over 5 years
1.9.1 MIT 44 2018-12-18 - 05:22 over 5 years
1.9.0 MIT 44 2018-12-17 - 15:21 over 5 years
1.9.0.rc1 MIT 44 2018-12-10 - 06:10 over 5 years
1.8.5 MIT 44 2018-10-05 - 01:14 over 5 years
1.8.4 MIT 46 2018-07-04 - 00:37 almost 6 years
1.8.3 MIT 46 2018-06-16 - 20:04 almost 6 years
1.8.2 MIT 48 2018-01-29 - 13:16 about 6 years
1.8.1 MIT 52 2017-09-19 - 16:12 over 6 years
1.8.0 MIT 56 2017-06-05 - 04:04 almost 7 years
1.7.2 MIT 56 2017-05-09 - 21:29 almost 7 years
1.7.1 MIT 58 2017-03-20 - 03:39 about 7 years
1.7.0.1 MIT 60 2017-01-04 - 05:42 over 7 years
1.7.0 MIT 60 2016-12-27 - 03:49 over 7 years
1.6.8.1 MIT 60 2016-10-03 - 04:46 over 7 years
1.6.8 MIT 60 2016-06-07 - 00:04 almost 8 years
1.6.8.rc3 MIT 62 2016-02-17 - 06:33 about 8 years
1.6.8.rc2 MIT 62 2016-01-12 - 17:08 over 8 years
1.6.8.rc1 MIT 62 2015-12-17 - 07:28 over 8 years
1.6.7.2 MIT 62 2016-01-20 - 19:18 over 8 years
1.6.7.1 MIT 64 2015-12-17 - 05:08 over 8 years
1.6.7 MIT 66 2015-11-30 - 04:21 over 8 years
1.6.7.rc4 MIT 66 2015-11-22 - 22:56 over 8 years
1.6.7.rc3 MIT 67 2015-09-04 - 17:34 over 8 years
1.6.7.rc2 MIT 67 2015-08-31 - 13:51 over 8 years
1.6.6.4 MIT 66 2015-11-19 - 20:58 over 8 years
1.6.6.3 MIT 67 2015-11-17 - 00:02 over 8 years
1.6.6.2 MIT 67 2015-01-23 - 18:53 over 9 years
1.6.6.1 MIT 67 2015-01-22 - 18:42 over 9 years
1.6.5 MIT 67 2014-11-26 - 21:07 over 9 years
1.6.4.1 MIT 67 2014-11-07 - 03:03 over 9 years
1.6.4 MIT 67 2014-11-05 - 04:32 over 9 years
1.6.3.1 MIT 67 2014-07-22 - 01:35 almost 10 years
1.6.3 MIT 67 2014-07-20 - 18:57 almost 10 years
1.6.3.rc3 MIT 68 2014-06-21 - 20:31 almost 10 years
1.6.3.rc2 MIT 68 2014-06-17 - 17:04 almost 10 years
1.6.3.rc1 MIT 68 2014-05-22 - 19:23 almost 10 years
1.6.2.1 MIT 67 2014-05-14 - 01:21 almost 10 years
1.6.2 MIT 68 2014-05-12 - 22:31 almost 10 years