I tried upgrading my older 1.8.6 Ruby install to the latest stable 1.8.6 release, version 1.8.6-p230 specifically, to benefit from the latest security updates. I used this configuration: ./configure --prefix=/usr/local --enable-pthread --with-readline-dir=/usr I''m using mod_rails, so after the Ruby install I restarted Apache. I then found every Rails app on the box was non-functional, only loading blank white screens, with this same error appearing in all the logs: ActionView::TemplateError (wrong argument type FalseClass (expected Proc)) So I hurried to rebuild my passenger/mod_rails module, thinking that perhaps some header file in Ruby may have changed, but it didn''t help. Needing to get the sites back up I reverted back to my old (insecure) version of Ruby. So then.. if you look at http://ruby-lang.org, it''s promoting Ruby version 1.8.7 as the latest stable release. It actually took me a few minutes of poking around on the site there to find a current 1.8.6 release, which then broke all my Rails apps when I tried it. And then if you look on http://rubyonrails.com/down it says Ruby version 1.8.7 "still has some bugs to straighten out" which seems rather confusing since it''s being promoted ruby-lang.org as stable. Then, if you go to http://wiki.rubyonrails.com/ you will find a blog entry where it says if you use Rails 2.1.0 you need Ruby 1.8.7?!? Then finally, I can''t get one of my Rails apps to work with Rails 2.1.0 because of an issue with respond_to? (which I posted in a separate thread earlier). So with regards to the recent public security issues with Ruby, what am I supposed to do? Thanks, -- Greg Donald --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
I know we are trying to figure out the magic to the sauce as well. If we need to upgrade, and using rails 2.1 is not an option just yet... does that mean that NO ONE is upgrading? On Jun 24, 3:27 pm, "Greg Donald" <gdon...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> I tried upgrading my older 1.8.6 Ruby install to the latest stable > 1.8.6 release, version 1.8.6-p230 specifically, to benefit from the > latest security updates. > > I used this configuration: > > ./configure --prefix=/usr/local --enable-pthread --with-readline-dir=/usr > > I''m using mod_rails, so after the Ruby install I restarted Apache. I > then found every Rails app on the box was non-functional, only loading > blank white screens, with this same error appearing in all the logs: > > ActionView::TemplateError (wrong argument type FalseClass (expected Proc)) > > So I hurried to rebuild my passenger/mod_rails module, thinking that > perhaps some header file in Ruby may have changed, but it didn''t help. > Needing to get the sites back up I reverted back to my old (insecure) > version of Ruby. > > So then.. if you look athttp://ruby-lang.org, it''s promoting Ruby > version 1.8.7 as the latest stable release. It actually took me a few > minutes of poking around on the site there to find a current 1.8.6 > release, which then broke all my Rails apps when I tried it. And then > if you look onhttp://rubyonrails.com/downit says Ruby version 1.8.7 > "still has some bugs to straighten out" which seems rather confusing > since it''s being promoted ruby-lang.org as stable. Then, if you go tohttp://wiki.rubyonrails.com/you will find a blog entry where it says > if you use Rails 2.1.0 you need Ruby 1.8.7?!? Then finally, I can''t > get one of my Rails apps to work with Rails 2.1.0 because of an issue > with respond_to? (which I posted in a separate thread earlier). > > So with regards to the recent public security issues with Ruby, what > am I supposed to do? > > Thanks, > > -- > Greg Donald--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
On Wed, Jun 25, 2008 at 7:39 AM, veyron <mtperitore-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > I know we are trying to figure out the magic to the sauce as well. > If we need to upgrade, and using rails 2.1 is not an option just > yet... > does that mean that NO ONE is upgrading?Yeah, this is not good. I can''t get Rails 2.0.2 to work with a secure Ruby 1.8.6 (at all), same error on all 5 of my Rails apps: ActionView::TemplateError (wrong argument type FalseClass (expected Proc)) And then I can''t get Rails 2.1 to work with Ruby 1.8.7 on 3 out of 5 of my Rails apps, issues with respond_to? saying I''m sending 1 of 0 arguments when I''m actually sending 1 argument like the docs say is required. -- Greg Donald http://destiney.com/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---