Over on the official Ruby news site, Urabe Shyouhei has announced the release of minor updates to both Ruby 1.8.6 and 1.8.7, namely 1.8.6p368 and 1.8.7p160:
Updates to already-released Ruby 1.8.7 and 1.8.6 have been released.
This time we have fixed dozens of bugs, including workarounds for CVE-2007-1558 and CVE-2008-1447. Many segfaults are also fixed. For a complete list of what has been fixed, please read the ChangeLogs (1, 2).
The released tarballs are available at:
- ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6-p368.tar.gz
- ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6-p368.tar.bz2
- ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6-p368.zip
- ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p160.tar.gz
- ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p160.tar.bz2
- ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p160.zip
These updates are only worth pursuing if it's of utmost importance that you have the latest point release of your chosen Ruby version installed - in critical production environments, perhaps. For your development machine, it's more of a take it or leave it deal. I'll be sticking to the Apple supplied version of 1.8.6 (p114) for now.
Comments
Stephen Celis ·
For those on OS X, interested, and unwilling to part with RubyCocoa (Growl support, etc.), I've updated my Leopard build instructions:
http://stephencelis.com/2008/11/05/the-definitive-leopard-ruby-build.html
Tom Copeland ·
Also mirrored on the various RubyForge mirrors here:
http://rubyforge.org/frs/?group_id=426