1.8.3 is in Portage but is ~ on all arches -------------------------------- Description: A vulnerability has been reported in Ruby, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is due in an error in "eval.c" in enforcing safe-level protections. This can be exploited to execute certain insecure methods. The vulnerability has been reported in the following versions: * Ruby version 1.6.8 and prior (old release). * Ruby version 1.8.2 and prior (stable). * Ruby version 1.9.0 2005-09-01 and prior (development). Solution: Ruby 1.8.x: Update to version 1.8.3. ftp://ftp.ruby-lang.org/pub/ruby/ruby-1.8.3.tar.gz
Ruby is 1.8.3 ready to be marked stable?
Ruby please advise.
As far as I know, it's not ready. I've seen several packages state they don't work with 1.8.3 and I beleive this is due to bugs in that release. I'm not an expert though...
AFAIK clean_logger.rb from Activesupport/Rails doesn't work with 1.8.3 unpatched, but people seem to blame it on that file instead of Ruby itself. I also believe that Caleb has added a patch to the Rails ebuild which deals with this problem. Some people also seem to have problems with the included openssl implementation, but as far as I can see our Ruby build isn't concerned by this (the likely problem is a missing openssl-devel package on the concerned distros, the joys of binary). Personally I'd vote for stabling 1.8.3, as from my POV the problems people have with this release are mostly their fault.
Arches please test and mark stable.
Stable on hppa
Stable on sparc. For rails support, please upgrade dev-ruby/rubygems, dev-ruby/activesupport. Freeride, seems OK with 1.8.3; fxruby and my own tests check out with no problems.
Stable on ppc.
Works on x86.
stable on ppc64
ruby-1.8.3 stable on alpha
stable on amd64, sorry for the delay
Ready for GLSA vote
CAN-2005-2337 I tend to vote yes.
sorry for the delay. ruby 1.8.3 doesn't compile on Panther (10.3) (missing autoconf 2.59) ruby 1.8.3 is masked on Tiger (10.4) (collisions) hence, best I could do it was to mask the older 1.8 versions on Panther also.
Stable on mips.
ia64 stable.
I tend to vote YES too.
OK, let's have a GLSA then, since nobody else wants to vote.
GLSA 200510-05 arm, ppc-macos and s390 please remember to mark stable to benifit from the GLSA.
now solved for ppc-macos