Re: Updating Ruby 1.8.6 to 1.8.6-p287 in Debian 4

< ^ > P N |<>|^_>< --- | ~ ...Help
Gregory Brown wrote:
>> we are left with running 1.8.6p114.xyz where .xyz is some distro's
>> bundle of security patches :-(
> 
> p287 seems to work.  It's the first one since 114 that hasn't caused
> problems for me.  Have you had issues with it?

I was burned too badly by p230, so I have not touched it yet.

Aside: whilst searching for experiences with p287, I see there is a 
separate security patch for that too:
http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/

If you were only downloading from ftp.ruby-lang.org you wouldn't find 
it. You have to know about this vulnerability and search for the patch 
on the website.

However, credit to the team for providing a patch rather than suggesting 
users pick up all changes to the tip of the 1.8.6 branch.
-- 
Posted via http://www.ruby-forum.com/.