Summary: | dev-lang/ruby: Safe-Level Security Bypass Vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jean-François Brunette (RETIRED) <formula7> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ruby |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/16904/ | ||
Whiteboard: | B3 [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Jean-François Brunette (RETIRED)
2005-09-23 07:07:28 UTC
Ruby is 1.8.3 ready to be marked stable? Ruby please advise. As far as I know, it's not ready. I've seen several packages state they don't work with 1.8.3 and I beleive this is due to bugs in that release. I'm not an expert though... AFAIK clean_logger.rb from Activesupport/Rails doesn't work with 1.8.3 unpatched, but people seem to blame it on that file instead of Ruby itself. I also believe that Caleb has added a patch to the Rails ebuild which deals with this problem. Some people also seem to have problems with the included openssl implementation, but as far as I can see our Ruby build isn't concerned by this (the likely problem is a missing openssl-devel package on the concerned distros, the joys of binary). Personally I'd vote for stabling 1.8.3, as from my POV the problems people have with this release are mostly their fault. Arches please test and mark stable. Stable on hppa Stable on sparc. For rails support, please upgrade dev-ruby/rubygems, dev-ruby/activesupport. Freeride, seems OK with 1.8.3; fxruby and my own tests check out with no problems. Stable on ppc. Works on x86. stable on ppc64 ruby-1.8.3 stable on alpha stable on amd64, sorry for the delay Ready for GLSA vote CAN-2005-2337 I tend to vote yes. sorry for the delay. ruby 1.8.3 doesn't compile on Panther (10.3) (missing autoconf 2.59) ruby 1.8.3 is masked on Tiger (10.4) (collisions) hence, best I could do it was to mask the older 1.8 versions on Panther also. Stable on mips. ia64 stable. I tend to vote YES too. OK, let's have a GLSA then, since nobody else wants to vote. GLSA 200510-05 arm, ppc-macos and s390 please remember to mark stable to benifit from the GLSA. now solved for ppc-macos |