Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-osx

From: Finn Thain <fthain@××××××××××××××××.au>
To: gentoo-osx@l.g.o
Subject: Re: [gentoo-osx] Ruby issue
Date: Fri, 07 Oct 2005 02:01:35
Message-Id: Pine.LNX.4.63.0510071155470.3258@loopy.telegraphics.com.au
In Reply to: [gentoo-osx] Ruby issue by Grobian
1 On Thu, 6 Oct 2005, Grobian wrote:
2
3 > Some of you might have noticed the Ruby (security) issue. I'd like to have a
4 > quick round on it.
5 >
6 > A short situation sketch:
7 > - ruby 1.8.2 compiles with some patches made by usata on Panther
8 > - ruby 1.8.2 collides on Tiger with system installed ruby
9 > - ruby 1.8.2 contains security vulnerability and stuff
10 > - ruby 1.8.3 is safe(r)
11 > - ruby 1.8.3 doesn't compile on Panther due to autoconf 2.59 requirement
12
13 Can the appropriate autoconf be added to the base system?
14
15 -f
16
17 > - ruby 1.8.3 of course also collides on Tiger
18 > - ruby 1.8.2 is marked ppc-macos stable
19 > - ruby 1.8.3 is marked ~ppc-macos unstable
20 >
21 > ruby is for Tiger in p.mask, since the sec. bug I added the mask in the
22 > Panther profile too, however, that's not really a solution, and the sec. guys
23 > want more action from us, basically.
24 >
25 > I can think of three 'solutions':
26 > 1. drop ppc-macos keyword for all ruby keywords.
27 > This is drastical, but since ruby won't have a nice mariage with OSX
28 > using oldstyle Gentoo/OSX it solves the problem for good.
29 > 2. drop ppc-macos keyword in 1.8.2 and replace it with 1.8.3
30 > This is bad because we basically drop the keyword, but it leaves us
31 > with the 'desired' state of having only ~ppc-macos.
32 > 3. stable 1.8.3
33 > This feels bad to me, but it's what the sec. guys want to see. It
34 > makes sense for progressive users (although I don't know of any real
35 > ones). We would stable a package without testing that is masked.
36 >
37 > So, a quick round of input on any one of the three (or a solution I haven't
38 > thought of) solutions would be nice, in order to 'fix' the ruby bug instead of
39 > letting it slide. It's wrong anyway.
40 >
41 >
42 >
43 --
44 gentoo-osx@g.o mailing list

Replies

Subject Author
Re: [gentoo-osx] Ruby issue Grobian <grobian@g.o>
Report Message
Find on MARC Find on Google Groups