Bug 17693

Summary: ruby-activesupport package exists in Cauldron
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Thomas Spuhler <thomas>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard:
Source RPM: ruby-activesupport-4.2.5-1.mga6.src.rpm CVE:
Status comment:

Description David Walser 2016-02-05 17:51:41 CET 
We dropped ruby on rails before Mageia 5 due to the inability to maintain it (and it wasn't working either IIRC).  One of the packages from it has been reintroduced into Cauldron by Thomas Spuhler, and the reason is not apparent.  Nothing currently Requires or BuildRequires it.

Speaking of which, see http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/  (it should be updated to 4.2.5.1 if there's some reason to keep it)

Reproducible: 

Steps to Reproduce:
Thomas Spuhler 2016-02-25 20:00:17 CET

Status: NEW => ASSIGNED

Comment 1 Thomas Spuhler 2016-02-25 21:42:09 CET 
updated to 4.2.5.1

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

Comment 2 David Walser 2016-02-25 21:46:01 CET 
Why haven't you dropped the package?  Why do we still have it?

Status: RESOLVED => REOPENED
Resolution: FIXED => (none)

Comment 3 David Walser 2016-05-18 22:00:08 CEST 
Package was in fact not needed and was dropped.  Marking as FIXED.

Status: REOPENED => RESOLVED
Resolution: (none) => FIXED