From: samuel@... Date: 2020-11-27T04:31:16+00:00 Subject: [ruby-core:101115] [Ruby master Feature#17303] Move webrick to bundled gems or remove it from stdlib Issue #17303 has been updated by ioquatix (Samuel Williams). Personally, I'm in favour of a smaller stdlib. Therefore I support this change. I also believe that we see more innovation when things are allowed to grow under their own terms rather than part of stdlib. ---------------------------------------- Feature #17303: Move webrick to bundled gems or remove it from stdlib https://bugs.ruby-lang.org/issues/17303#change-88794 * Author: hsbt (Hiroshi SHIBATA) * Status: Open * Priority: Normal * Assignee: hsbt (Hiroshi SHIBATA) ---------------------------------------- I propose to move webrick to bundled gems or remove it from stdlib of ruby. We have several vulnerability issues in webrick gem. https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/ The ruby core team don't have enough time to handle them. We should remove webrick from default gems at least. Patch for this feature: https://github.com/ruby/ruby/pull/3729 -- https://bugs.ruby-lang.org/ Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe> <http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>