Translate 2018-03-28 release posts (zh_cn)

Author: dsh0416

zh_cn/news/_posts/2018-03-28-ruby-2-2-10-released.md

@@ -0,0 +1,54 @@
+---
+layout: news_post
+title: "Ruby 2.2.10 已发布"
+author: "usa"
+translator: "Delton Ding"
+date: 2018-03-28 17:00:00 +0000
+lang: zh_cn
+---
+
+Ruby 2.2.10 已发布。此次发布修复了数个安全漏洞。请检查以下主题以了解详情。
+
+* [CVE-2017-17742: WEBrick 回复分离缺陷](/zh_cn/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/)
+* [CVE-2018-8777: WEBrick 大请求 DoS 缺陷](/zh_cn/news/2018/03/28/large-request-dos-in-webrick-cve-2018-8777/)
+* [CVE-2018-6914: tempfile 和 tmpdir 库中意外创建文件和目录的缺陷](/zh_cn/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/)
+* [CVE-2018-8778: String#unpack 中缓冲区欠读缺陷](/zh_cn/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/)
+* [CVE-2018-8779: UNIXServer 与 UNIXSocket 中污染的 NUL 字节可创建意外的 Socket](/zh_cn/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/)
+* [CVE-2018-8780: Dir 中污染的 NUL 字节可触发意外目录穿越](/zh_cn/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/)
+* [Multiple vulnerabilities in RubyGems](/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/)
+
+Ruby 2.2 正处于安全维护期，并将于 2018 年 3 月底停止维护。此后 Ruby 2.2 的维护将被完全终止。因此，这将会是 Ruby 2.2 的最后一个版本。我们不会再发布 Ruby 2.2 的任何新版本，除非 2.2.10 存在回归性漏洞。我们建议您更新至更新版本的 Ruby，例如 Ruby 2.5。
+
+## 下载
+
+* [https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.tar.bz2](https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.tar.bz2)
+
+      SIZE:   13365461 bytes
+      SHA1:   72ee1dcfd96199d2c3092b77db7a7f439c0abd08
+      SHA256: a54204d2728283c9eff0cf81d654f245fa5b3447d0824f1a6bc3b2c5c827381e
+      SHA512: f8ec96c2a5f4ecf22052ee0b1029989ded52d7bf5d41be24fef67e732e76f72119302240bca08f0547510a9cd29e941a32e263cad9c8a2bf80023d6bc97b2373
+
+* [https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.tar.gz](https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.tar.gz)
+
+      SIZE:   16694179 bytes
+      SHA1:   b0207c861f3fa41cbe4909ecb89bd2fcac81fe7c
+      SHA256: cd51019eb9d9c786d6cb178c37f6812d8a41d6914a1edaf0050c051c75d7c358
+      SHA512: 051124922240d2e20e74903b9c629fa897279072d2aa9b0a4e3a02331b843fa9c97c16e7073d6faec1b9f2024c3a7e36346014c30eee256f0715c5de226b5db8
+
+* [https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.tar.xz](https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.tar.xz)
+
+      SIZE:   10508612 bytes
+      SHA1:   c46737f81df819c3d7423df5c644431b3fcb8fee
+      SHA256: bf77bcb7e6666ccae8d0882ea12b05f382f963f0a9a5285a328760c06a9ab650
+      SHA512: 1f35458f2b1c334e64aecf42cd1df3b223fef119b6ad23394285d9f2e72da26b3ba5418950694c4a8c0b4afc43672f78459f2f7281a595cff0967eb239662ae4
+
+* [https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.zip](https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.10.zip)
+
+      SIZE:   18540424 bytes
+      SHA1:   0f4b9c6695d000cb456fe8b89f8bf6d42fb95069
+      SHA256: 6933eb989afb1b916c438d8eeecff1cfb0a6569c07e7190beca56b10b822207a
+      SHA512: dfaa9a76170b0eed9cb2bf41178f2193dd3428492413b1616aaabd67ec35b9b7705b422b0fdfe38b18a1800bbce3ba161b53d229d307ea7f5c0269ef3d031980
+
+## 发布记
+
+感谢所有帮助报告缺陷、修复权限以促使此版本顺利发布的所有人。

zh_cn/news/_posts/2018-03-28-ruby-2-3-7-released.md

@@ -0,0 +1,58 @@
+---
+layout: news_post
+title: "Ruby 2.3.7 已发布"
+author: "usa"
+translator: "Delton Ding"
+date: 2018-03-28 17:00:00 +0000
+lang: zh_cn
+---
+
+Ruby 2.3.7 已发布。此次发布修复了近 70 个漏洞，包括数个安全漏洞。请检查以下主题以了解详情。
+
+* [CVE-2017-17742: WEBrick 回复分离缺陷](/zh_cn/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/)
+* [CVE-2018-8777: WEBrick 大请求 DoS 缺陷](/zh_cn/news/2018/03/28/large-request-dos-in-webrick-cve-2018-8777/)
+* [CVE-2018-6914: tempfile 和 tmpdir 库中意外创建文件和目录的缺陷](/zh_cn/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/)
+* [CVE-2018-8778: String#unpack 中缓冲区欠读缺陷](/zh_cn/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/)
+* [CVE-2018-8779: UNIXServer 与 UNIXSocket 中污染的 NUL 字节可创建意外的 Socket](/zh_cn/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/)
+* [CVE-2018-8780: Dir 中污染的 NUL 字节可触发意外目录穿越](/zh_cn/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/)
+* [RubyGems 存在多个安全风险](/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/)
+
+请查看 [ChangeLog](https://svn.ruby-lang.org/repos/ruby/tags/v2_3_7/ChangeLog) 以了解细节。
+
+此版本后，我们会终止 Ruby 2.3 的正常维护，并启动安全性维护阶段。这意味着 Ruby 2.3.7 版本后除了安全性修复将不会被移植任何漏洞修复。安全性维护阶段计划持续 1 年，在此阶段后，Ruby 2.3 的维护会彻底结束。因此，我们建议您着手升级至 Ruby 2.5 或 2.4。
+
+## 下载
+
+* [https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.7.tar.bz2](https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.7.tar.bz2)
+
+      SIZE:   14421177 bytes
+      SHA1:   3bb88965405da5e4de2432eeb445fffa8a66fb33
+      SHA256: 18b12fafaf37d5f6c7139c1b445355aec76baa625a40300598a6c8597fc04d8e
+      SHA512: e72754f7703f0706c4b0bccd053035536053451fe069a55427984cc0bc5692b86bd51c243c5f62f78527c66b08300d2e4aa19b73e6ded13d6020aa2450e66a7d
+
+* [https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.7.tar.gz](https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.7.tar.gz)
+
+      SIZE:   17859100 bytes
+      SHA1:   540996fec64984ab6099e34d2f5820b14904f15a
+      SHA256: 35cd349cddf78e4a0640d28ec8c7e88a2ae0db51ebd8926cd232bb70db2c7d7f
+      SHA512: 1ceccf00981d6d60e7587e89a04cc028f976950313ee445db5afd03e323472d3e69a35423733b24f9cbd9729f034cf80d2233b5c159764839f5bee4ca7052fe0
+
+* [https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.7.tar.xz](https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.7.tar.xz)
+
+      SIZE:   11438124 bytes
+      SHA1:   c489248730cbce7721edd3e97de81e68eec938b2
+      SHA256: c61f8f2b9d3ffff5567e186421fa191f0d5e7c2b189b426bb84498825d548edb
+      SHA512: fd91c8db3d3aa4cc962a62f27b4d1a71f6b5567ab836e6dbfbbb1553eb269d11e12faf9e36af6c489c33b54fd89dab99bfe81a563158b704877f0628d6f5bc5a
+
+* [https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.7.zip](https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.7.zip)
+
+      SIZE:   19911423 bytes
+      SHA1:   ec6870b39125238d8d57d642225592896ed3b6d9
+      SHA256: ffa42eeff928624a05dc7ad39426c855c6e9a757417f17b6fe9e54664ec91012
+      SHA512: c85255a7f43c7df2fb11be4f9aa96e2ae70a94d3e963ccff4d8c1349ad6d455d9a436812efb24c91e451e68b8f81e5d335c6d5811b2a0e945a7070c305054434
+
+## 发布记
+
+感谢所有帮助此版本发布的人。
+
+Ruby 2.3 的维护，包括这个版本是基于 Ruby 协会的「Ruby 稳定版本协议」进行维护的。

zh_cn/news/_posts/2018-03-28-ruby-2-4-4-released.md

@@ -0,0 +1,56 @@
+---
+layout: news_post
+title: "Ruby 2.4.4 已发布"
+author: "nagachika"
+translator: "Delton Ding"
+date: 2018-03-28 17:10:00 +0000
+lang: zh_cn
+---
+
+Ruby 2.4.4 已发布。
+
+此版本修复了一些漏洞，包括一些安全性漏洞。
+
+* [CVE-2017-17742: WEBrick 回复分离缺陷](/zh_cn/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/)
+* [CVE-2018-8777: WEBrick 大请求 DoS 缺陷](/zh_cn/news/2018/03/28/large-request-dos-in-webrick-cve-2018-8777/)
+* [CVE-2018-6914: tempfile 和 tmpdir 库中意外创建文件和目录的缺陷](/zh_cn/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/)
+* [CVE-2018-8778: String#unpack 中缓冲区欠读缺陷](/zh_cn/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/)
+* [CVE-2018-8779: UNIXServer 与 UNIXSocket 中污染的 NUL 字节可创建意外的 Socket](/zh_cn/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/)
+* [CVE-2018-8780: Dir 中污染的 NUL 字节可触发意外目录穿越](/zh_cn/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/)
+* [RubyGems 存在多个安全风险](/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/)
+
+除以上提及之漏洞，我们还修复了许多其他漏洞。请查询 [commit logs](https://github.com/ruby/ruby/compare/v2_4_3...v2_4_4) 以获取详情。
+
+## 下载
+
+* <https://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.4.tar.bz2>
+
+      SIZE:   12659705 bytes
+      SHA1:   1cc548ba3eb821e29ab92ac13e1d5c7bf23b1526
+      SHA256: 45a8de577471b90dc4838c5ef26aeb253a56002896189055a44dc680644243f1
+      SHA512: ae632852a5f413561d8134e9ef3bb82adb37317696dd293ef92cb76709ecd45718f14116ecce35b12f1c2dd53ccae8dabc7a924a270072b697512d11f4922347
+
+* <https://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.4.tar.gz>
+
+      SIZE:   14225338 bytes
+      SHA1:   ec82b0d53bd0adad9b19e6b45e44d54e9ec3f10c
+      SHA256: 254f1c1a79e4cc814d1e7320bc5bdd995dc57e08727d30a767664619a9c8ae5a
+      SHA512: fa1f6d3a4856046d4f9c3e652be225ae67f3e9ff0d117b6ed327d58cfb717fb9b1ce81d06a3302e486e7da0b5f67b16341666ceb02a554a428d221d008263ed8
+
+* <https://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.4.tar.xz>
+
+      SIZE:   10049304 bytes
+      SHA1:   0eac83a0818e1d6bc661abd9f90457cff8868cff
+      SHA256: 1d0034071d675193ca769f64c91827e5f54cb3a7962316a41d5217c7bc6949f0
+      SHA512: 4dc112a149273d4221484ccbf1260c6c5fcad7e0a6e4bc91e4ef69cbc093d3191f7abd71420f80d680f8ea5d111e6803ba2af32166aa501913639e6d5696fde0
+
+* <https://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.4.zip>
+
+      SIZE:   15685143 bytes
+      SHA1:   4ac11e6915c168a235b854014aa2a0d540cabd68
+      SHA256: d0ca0561be0045f2e094f2ba94f1585e66e9c1e91fe6de3f3035f4d67dce7650
+      SHA512: 79b655fda332d44097e108a76c4ff74f16930cd3ef3951c7988df325781aa0b3e724697107d964735f31a2457a835f08fa72c4eadd5ef7d3ccc1e6c9185f37e3
+
+## 发布记
+
+许多提交者、开发者和提供漏洞报告的用户帮助我们发布了这个版本。在此感谢这些人的贡献。

zh_cn/news/_posts/2018-03-28-ruby-2-5-1-released.md

@@ -0,0 +1,57 @@
+---
+layout: news_post
+title: "Ruby 2.5.1 已发布"
+author: "naruse"
+translator: "Delton Ding"
+date: 2018-03-28 17:20:00 +0000
+lang: zh_cn
+---
+
+Ruby 2.5.1 已发布。
+
+此版本修复了一些漏洞，包括一些安全性漏洞。
+
+* [CVE-2017-17742: WEBrick 回复分离缺陷](/zh_cn/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/)
+* [CVE-2018-8777: WEBrick 大请求 DoS 缺陷](/zh_cn/news/2018/03/28/large-request-dos-in-webrick-cve-2018-8777/)
+* [CVE-2018-6914: tempfile 和 tmpdir 库中意外创建文件和目录的缺陷](/zh_cn/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/)
+* [CVE-2018-8778: String#unpack 中缓冲区欠读缺陷](/zh_cn/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/)
+* [CVE-2018-8779: UNIXServer 与 UNIXSocket 中污染的 NUL 字节可创建意外的 Socket](/zh_cn/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/)
+* [CVE-2018-8780: Dir 中污染的 NUL 字节可触发意外目录穿越](/zh_cn/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/)
+* [RubyGems 存在多个安全风险](/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/)
+
+
+除以上提及之漏洞，我们还修复了许多其他漏洞。请查询 [commit logs](https://github.com/ruby/ruby/compare/v2_5_0...v2_5_1) 以获取详情。
+
+## 下载
+
+* <https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.1.tar.gz>
+
+      SIZE:   15923244 bytes
+      SHA1:   93fafd57a724974b951957c522cdc4478a6bdc2e
+      SHA256: dac81822325b79c3ba9532b048c2123357d3310b2b40024202f360251d9829b1
+      SHA512: 67badcd96fd3808cafd6bc86c970cd83aee7e5ec682f34e7353663d96211a6af314a4c818e537ec8ca51fbc0737aac4e28e0ebacf1a4d1e13db558b623a0f6b1
+
+* <https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.1.zip>
+
+      SIZE:   19525307 bytes
+      SHA1:   4fe511496f1eea0c3c1ac0c5f75ef11168ad1695
+      SHA256: 5d8e490896c8353aa574be56ca9aa52c250390e76e36cd23df450c0434ada4d4
+      SHA512: 490a52081e740b37f06215740734e9a6598ee9b492995b3161d720b5b05beadb4570aa526b3df01f686881b1e259aa7d4a59c1f398989dc2d5f8250342d986f7
+
+* <https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.1.tar.bz2>
+
+      SIZE:   14000644 bytes
+      SHA1:   251fdb5ac10783b036fe923aa7986be582062361
+      SHA256: 0f5d20f012baca865381a055e73f22db814615fee3c68083182cb78a4b3b30cb
+      SHA512: 82e799ecf7257a9f5fe8691c50a478b0f91bd4bdca50341c839634b0da5cd76c5556965cb9437264b66438434c94210c949fe9dab88cbc5b3b7fa34b5382659b
+
+* <https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.1.tar.xz>
+
+      SIZE:   11348108 bytes
+      SHA1:   0fb5da56f9e5fca45e36aa24ba842d935d1691c2
+      SHA256: 886ac5eed41e3b5fc699be837b0087a6a5a3d10f464087560d2d21b3e71b754d
+      SHA512: 31bacf58469953282cd5d8b51862dcf4b84dedb927c1871bc3fca32fc157fe49187631575a70838705fe246f4555647577a7ecc26894445a7d64de5503dc11b4
+
+## 发布记
+
+许多提交者、开发者和提供漏洞报告的用户帮助我们发布了这个版本。在此感谢这些人的贡献。