Security -- Ruby 1.8.6 pl388 released

[Kirk Haines]

This release fixes the security vulnerability that was just announced,
and rolls in a few other bug fixes, including a backport of r24713
which fixes a segfault from freelist exhaustion that can be triggered
by certain tight loops.

* ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6-p388.tar.gz
* ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6-p388.tar.bz2
* ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6-p388.zip

MD5(ruby-1.8.6-p388.tar.gz)= 78a4028c44c19263bab756f94faf39f8
SHA256(ruby-1.8.6-p388.tar.gz)=
9882b91963a5ef9a9496612f14e3793e2ac2548587363adaa65af0af3adbb020
SIZE(ruby-1.8.6-p388.tar.gz)= 4583294

MD5(ruby-1.8.6-p388.tar.bz2)= f26cefbc8ab6728650ab9ae773d22bcb
SHA256(ruby-1.8.6-p388.tar.bz2)=
8536b18413f2475698fa275b356daff6ceab5232bc503496f4afbee64e8b4abc
SIZE(ruby-1.8.6-p388.tar.bz2)= 3973412

MD5(ruby-1.8.6-p388.zip)= 5821176e2ebdcb3778dbb38705bffd95
SHA256(ruby-1.8.6-p388.zip)=
cb1e49c4a8f6225a117124bbcdeae29d25a51a3f81750f9b141697b963681f47
SIZE(ruby-1.8.6-p388.zip)= 5625625


Kirk Haines

 

[James Edward Gray II]

This release fixes the security vulnerability that was just announced,
and rolls in a few other bug fixes, including a backport of r24713
which fixes a segfault from freelist exhaustion that can be triggered
by certain tight loops.

Is there any reason this patch hasn't been rolled into 1.8.6 yet?

http://redmine.ruby-lang.org/issues/show/2220

I still can't build a Ruby 1.8.6 that correctly loads extensions on Snow =
Leopard without it.

James Edward Gray II=