Issue #7085 has been updated by shyouhei (Shyouhei Urabe).


FYI, to follow up latest security fixes, I triggered the script manually.  github.com/ruby/ruby
is now synchronized against revision r37165 and the working copy is updated as:

ftp://ftp.ruby-lang.org/pub/incoming/ruby-gateway.r37165.tar.xz.gpg
----------------------------------------
Bug #7085: Subversion ??? GitHub gateway stops.
https://bugs.ruby-lang.org/issues/7085#change-30431

Author: shyouhei (Shyouhei Urabe)
Status: Open
Priority: Immediate
Assignee: 
Category: Project
Target version: 
ruby -v: not version dependent


Abstract: Sorry  for your inconvenience.  Due to  my resigning job
at  netlab.jp, the Subversion  to GitHub  gateway stops  now.  The
gateway was located there, maintained by me.

Biggest problem to reboot the gateway is its ssh private keys.  it
first ssh into the canonical svn server to pull the repo, then ssh
into github to  push it.  Both ssh sessions  need private keys and
as the gateway  runs totally automatic using cron,  those keys are
not passphrased.

Ruby's  canonical repo  has once  been cracked.   GitHub  also had
vulnerability  before.  Leaking  these  keys is  a serious  threat
against our  project. A malicious  codes can be injected  by using
(either of) them.

So sorry,  I don't  want to put  these keys  on any VPS,  IaaS, or
colocations or anything like that.   Doing so is in fact easy, and
makes  the  gateway  working  again,  but will  introduce  a  huge
security threat.

In  order to  properly  fix  this sitution,  a  RELIABLE place  is
mandatory, where no access is  possible from the internet, yet the
gateway  itself  can  connect  to  ruby-lang.org  and  github.com.
Normal  company   intranets  behind  NATs   should  suffice,  like
netlab.jp was, Though I doubt a "normal" company intranet will not
welcome a black box like the gateway.

=========

Github?????????????????伴??????止??????????????????????????
?????込??????????????????????????????????????????????????????
??????????????深????詫?????????????????????????足????????????????????
??????

????????????github????????????????????????????????????????????????
??????????????????????????????????????????????????????????????
?????????????NaCl??京??社??????席??設置?????????????????????????中???
??????????????????????????????????????????止?????????????????????????????
???????????????巻??添??????止????????????形??????

復????????????????????ssh????????????????????????????????
???ruby???svn????????ssh??????????????????????????次???github???ssh???
????????????????????????????????????????cron??????????????????????使???
???????????????????????????????????????????????????????????
?????????????????

Ruby????????????????????????????績???????????????github???????弱??
??????????????績??????????????????????????????????????????????????????
ssh????????????????????????????????????????????????????Ruby???
???????????????????????????????????????????????????????????????
??????????????管??????????????設置?????????????????????????????????
VPS???????????????????????????????????????????????????????度????????
?????移???????????????確??????????????????確?????????確??????ssh
agent forwarding?????????????????

??????????????????????????????????github???????????復???????????????????
??????????????????正確?????????????????????????????????????????
????????????????????????????????????念????????????????????????????
????????????????????????????????(??????????????????????ruby-lang.org???
github.com?????????????張?????)???????????????????????度信????
???????????????????設置??????????????????????????????????????????????????????
??????????????????????????????????業?社?????????????????????????
?????????????????????????社業??????????????設置?????????????????????


-- 
http://bugs.ruby-lang.org/