File: NEWS

package info (click to toggle)
ruby1.8 1.8.7.302-2squeeze5
  • links: PTS, VCS
  • area: main
  • in suites: squeeze-lts
  • size: 26,692 kB
  • ctags: 38,616
  • sloc: ruby: 245,002; ansic: 144,156; yacc: 5,890; sh: 2,677; lisp: 1,626; tcl: 949; makefile: 358; sed: 129; xml: 122; awk: 36; cpp: 28; asm: 25; perl: 18; python: 6
file content (65 lines) | stat: -rw-r--r-- 2,518 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
ruby1.8 (1.8.6.111-1) unstable; urgency=low

  This package includes fixes for CVE-2007-5162.

  The upstream author had taken two actions about CVE-2007-5162.

    1) They released Ruby 1.8.6-p111 and 1.8.5-p114.  But the release
       requires to change user's code to verify server's identity.

         http://www.ruby-lang.org/en/news/2007/10/04/net-https-vulnerability/ [en]
         http://www.ruby-lang.org/ja/news/2007/10/04/isecpartners-com-2007-006-rubyssl/ [ja]

    2) The upstream author re-added some fixes for Ruby.  It makes Ruby
       verify server's identity on default.  This is available on ruby_1_8
       branch, trunk of the Ruby repository and next release of Ruby 1.8.x.

  On Debian, we took the 2nd action of the above.  

  New ruby1.8 package makes Ruby (Net::HTTPS, Net::IMAP, Net::FTPTLS and
  Net::TELNETS) verify server's identity on default if SSL connection
  isn't in VERIFY_NONE mode.  It require no change user's code.

 -- akira yamada <akira@debian.org>  Tue, 16 Oct 2007 15:13:08 +0900

ruby1.8 (1.8.2-9) unstable; urgency=high

  On ix86 architecutre, $LOAD_PATH is changed as follows:

    /usr/local/lib/site_ruby/1.8
    /usr/local/lib/site_ruby/1.8/i486-linux
    /usr/local/lib/site_ruby
    /usr/lib/ruby/1.8
    /usr/lib/ruby/1.8/i486-linux
    .

  This change is brought to follow the change of dpkg 1.13.  It changed
  architecture name to "i486-linux-gnu" from "i386-linux".

  If you locally build extension libraries,  please rebuild it with this
  version of ruby1.8-dev package.

  NOTE: In this version, ruby1.8 temporally searches files in
  /usr/local/lib/site_ruby/1.8/i386-linux and /usr/lib/ruby/1.8/i386-linux.

 -- akira yamada <akira@debian.org>  Wed, 29 Jun 2005 00:33:35 +0900

ruby1.8 (1.8.2-3) unstable; urgency=medium

  Sub-packages of ruby1.8 was restructured, because many users requested
  "most" libraries included within upstream distributions.  Please see also
  <URL:http://lists.debian.org/debian-ruby/2005/01/msg00005.html> and
  <URL:http://lists.debian.org/debian-ruby/2005/03/msg00000.html>.

  Summary of the restructuring:

  - irb1.8, libdbm-ruby1.8, libgdbm-ruby1.8, libopenssl-ruby1.8,
    libreadline-ruby1.8, libruby1.8-dbg, rdoc1.8, ri1.8, ruby1.8,
    ruby1.8-dev, ruby1.8-elisp and ruby1.8-examples: left as it is.

  - libtcktk-ruby1.8 and libtk-ruby1.8 was merged to new libtcltk-ruby1.8.

  - other 18 packages was merged to new libtcltk-ruby1.8.

 -- akira yamada <akira@debian.org>  Tue, 15 Mar 2005 17:24:37 +0900