RubyFlow The Ruby and Rails community linklog

Update debian packages

In light of the recent vulnerabilities in Ruby, Zaypay has created a page with patched precompiled Ruby 1.8.6p114 packages for Debian unstable/lenny and a simple step-by-step guide on how to create your own packages. These packages allow you to run Ruby on Rails version 2.0.x and older without any problems.

Comments

The Zaypay blog doesn’t seem to enable comments, so I’ll comment here.

The patch set provided by Zaypay is not complete. See http://www.ruby-forum.com/topic/157034 for discussion. To the best of my knowledge, the patch set included in Ruby Enterprise Edition at this moment (http://blog.phusion.nl/assets/r8ee-security-patch-20080623-2.txt) is the most complete, but we’re still sorting things out with the people on ruby-talk.

Thanks for that :-) I’ve recreated the packages with the new patch applied and referenced the source of the patch.

Post a comment

You can use basic HTML markup (e.g. <a>) or Markdown.

As you are not logged in, you will be
directed via GitHub to signup or sign in