Rails LTS has been conceived as a drop-in replacement for Rails 2.3, 3.2, and 4.2. However, we do recommend...
Please choose a guide for your version of Ruby on Rails: Installing Rails 2.3 LTS Installing Rails 3.2 LTS
This document describes how to swap out the official Rails 2.3 gems with Rails 2.3 LTS. If you have installed...
This document describes install Rails 2.3 LTS when you are not using Bundler and you do not want to upgrade...
This document describes how to swap out the official Rails 3.2 gems with Rails 3.2 LTS. If you have installed...
This document describes how to swap out the official Rails 4.2 gems with Rails 4.2 LTS. If you have installed...
This document describes how to swap out the official Rails 5.2 gems with Rails 5.2 LTS. If you have installed...
This document describes how to swap out the official Rails 6.1 gems with Rails 6.1 LTS. If you have installed...
This document assumes you have installed Rails LTS before and want to update to a new version of the Rails...
Rails 3.2 LTS, 4.2 LTS, 5.2 LTS Run the following command: bundle show rails This will display the path of...
Starting with Rails LTS 2.3.18.19, it is possible to run Rails LTS with modern versions of RubyGems (2.6.13 at the...
When running bundle install --verbose on Bundler versions 1.12+, you might see errors of the form HTTP 403 Forbidden https://...
Please choose a Changelog for your version of Ruby on Rails: Rails 2.3 LTS Changelog Rails 3.2 LTS Changelog
March 24th 2026, Rails version 2.3.18.61 Backported fix for CVE-2026-33168 — XSS in tag helper. Backported fix for CVE...
March 30th 2026, Rails version 3.2.22.53 Added additional out of bounds checks for PostgreSQL integer columns for users using Arel...
March 24th 2026, Rails version 4.2.11.41 Backported fix for CVE-2026-33168 — XSS in tag helper. Backported fix for CVE...
March 24th 2026, Rails version 5.2.8.39 Backported fix for CVE-2026-33168 — XSS in tag helper. Backported fix for CVE...
March 24th 2026, Rails version 6.1.7.35 Backported fix for CVE-2026-33168 — XSS in tag helper. Backported fix for CVE...
This is a list of known CVEs relevant for Rails LTS 2.3+. All CVEs are fixed in all versions of...
Rails LTS is a service of makandra, a team of Ruby developers and Linux system engineers based in Germany. We...
We have made all versions of Rails LTS compatible with Ruby 3.3 or below. All Rails components should work as...
Note You can find the updated guide here. Rails 2.3 LTS works with Ruby 1.8.7, Ruby 2.5, and Ruby 2.7...
Note You can find the updated guide here. Rails 3.2 LTS works with Ruby 1.8.7, 1.9.3, 2.3, 2.5, and 2.7...
The Rails LTS service only covers security updates for the Rails framework, not for Ruby. As a courtesy to our...