In association with heise online

26 June 2008, 10:50

Ruby patch causes Rails problems

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The recently released patch for Ruby, which remedies several critical security holes, causes problems with the widely used Ruby on Rails web application framework. The patch is for Ruby versions 1.8.5, 1.8.6, and 1.8.7. The latter is not compatible with Ruby on Rails 1.x – it only works with version 2.x of the framework released in late 2007. The patch apparently imports a number of updates from Ruby 1.8.7 into the older versions, interfering with Rails 1.x.

Some possible solutions for the problem are unofficial patches for Ruby 1.8.6 or the Ruby Enterprise Edition, based on an older patch level of Ruby 1.8.6, in which the security holes have already been patched. Of course the best solution in the long run is an upgrade from rails 1.x to 2.x – the latest version is Rails 2.1 – but many users are shying away from the new version because the renovation work has changed a number of existing applications.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit