As noted here: https://www.ruby-lang.org/en/news/2015/12/16/ruby-2-0-0-p648-released/ Ruby 2.0.0 will be EOL soon, so we need to updated Mageia 5 to a newer branch. Reproducible: Steps to Reproduce:
any idea of what to do pascal ?
CC: (none) => mageia
pascal, to why version should we update ? which packages to update too ?
I would say none, and no idea of the packages to update. If we want to do it we will need to rebuild all the ruby packages and fix/update all the ones not building. We would also need to rebuild all the binary ones anyway.
We are not going to do anything about this for Mageia 5, and we're just trying to get by with backporting security patches ourselves. Unfortunately though we've put ourselves in the same position with Mageia 6, as 2.2.x will only be supported through March 2018: https://www.ruby-lang.org/en/news/2017/04/01/support-of-ruby-2-1-has-ended/ It would be great if we could update it to 2.3 or 2.4.
Summary: ruby needs to be updated to a newer branch in mga5 => ruby needs to be updated to a newer branch in mga6Source RPM: ruby-2.0.0.p648-1.mga4.src.rpm => ruby-2.2.5-15.mga6.src.rpmVersion: 5 => 6
pascal do you think this is something doable ? ( we have at least 6 monthes to do it ).
even though we don't update the whole package, we should provide security updates: https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/
(In reply to Marc Krämer from comment #6) > even though we don't update the whole package, we should provide security > updates: > https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve- > 2017-0898/ Fortunately we've been able to patch security issues so far. That particular issue was fixed in Bug 21678.
Mageia 6 is EOL.
Resolution: (none) => OLDCC: (none) => mramboStatus: NEW => RESOLVED