Your message dated Wed, 29 Jul 2015 15:56:48 +0000
with message-id <[email protected]>
and subject line Bug#743746: fixed in jruby 1.7.21-2
has caused the Debian Bug report #743746,
regarding jruby: has poor cryptographic support
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
743746: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743746
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: jruby
Version: 1.5.6-7
Severity: normal
JRuby has really bad cryptographic support. First, many algorithms are
missing. The output directs me to the jruby-openssl gem, but that isn't
packaged. If JRuby requires that gem in order to be as functional as
MRI, then it needs to be packaged and be an appropriate dependency (at
least a Recommends, if not a Depends) of jruby. In this era,
cryptography is not an optional component.
Second, JRuby uses the wrong names for algorithms. Running the attached
program (I have snipped the huge traceback that happens every time jruby
runs):
vauxhall ok % ruby /tmp/sha256.rb
Digest supports 'SHA256'
Digest doesn't support 'SHA-256'
SHA256 object exists
vauxhall ok % env -u TZ jruby /tmp/sha256.rb
JRuby limited openssl loaded. http://jruby.org/openssl
gem install jruby-openssl for full support.
Digest doesn't support 'SHA256'
Digest supports 'SHA-256'
SHA256 object does not exist
Notice that for the same algorithm, JRuby uses a different name, and it
doesn't support the SHA256 class that MRI has since at least 1.8.7.
This makes it impossible to write a program that works on both.
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.14-rc7-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages jruby depends on:
ii default-jre [java6-runtime] 2:1.7-51
ii libjffi-jni 1.0.2-11
ii openjdk-7-jre [java6-runtime] 7u51-2.4.6-1
Versions of packages jruby recommends:
pn ri1.8 <none>
jruby suggests no packages.
-- no debconf information
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: jruby
Source-Version: 1.7.21-2
We believe that the bug you reported is fixed in the latest version of
jruby, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Miguel Landaeta <[email protected]> (supplier of updated jruby package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 14 Jul 2015 20:20:23 -0300
Source: jruby
Binary: jruby
Architecture: source all
Version: 1.7.21-2
Distribution: unstable
Urgency: high
Maintainer: Debian Java Maintainers
<[email protected]>
Changed-By: Miguel Landaeta <[email protected]>
Description:
jruby - 100% pure-Java implementation of Ruby
Closes: 743746 792788
Changes:
jruby (1.7.21-2) unstable; urgency=high
.
* Fix FTBFS due to Maven 3.3.x changes. (Closes: #792788).
* Provide full cryptographic support:
- Add Recommends on jruby-openssl. (Closes: #743746).
- Add Build-Depends on jruby-openssl for unit tests during build-time.
Checksums-Sha1:
499879db773bf828a6b96cfa9887ae560c92cce9 2931 jruby_1.7.21-2.dsc
bd6b8b3d0976bb669bed4f6765421dfcf93c1fde 86816 jruby_1.7.21-2.debian.tar.xz
6297775954ea58c642d679b214398b37f2993708 13265618 jruby_1.7.21-2_all.deb
Checksums-Sha256:
beb00e55346022cfad5f3efc4cc12a1ccf47fd7bc75fcae6a7b1de9e34e451e8 2931
jruby_1.7.21-2.dsc
2abe8d271af7556073a93817a10b8bd238b5a2ee1dc12bc01676a472fc3bf1ad 86816
jruby_1.7.21-2.debian.tar.xz
69528d6e550ef25135c08e0566fb2efa3e29870e1e7580391f78a1955cde503d 13265618
jruby_1.7.21-2_all.deb
Files:
a0262c0bbda385940bbbb91f86e9dff2 2931 ruby optional jruby_1.7.21-2.dsc
64230ef2c6c026efe615e00864edbc51 86816 ruby optional
jruby_1.7.21-2.debian.tar.xz
2ed1416975bdb293aa629a358faf0d50 13265618 ruby optional jruby_1.7.21-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJVuOKCAAoJEGIODQuJV82lt00P/0lwxBE1Kp4/DERyoyQrUYfC
ponY1B/IRQAwdwKd9R0sCXrIW1UP/NXtTbU5bf059bgFhagyxD1ZTIu/yHEygkOc
mHF0GwWNmFLIEiQ25yGqUmSs1ajexLUp+aEj68sPGT2pC4bJZyinELNYHzkkUnyN
ZctXPlOGx5Vl1MT5VTh7bZEoOXut1QlO7S/a58eBcydTeP0eNdR4PqLW+TOcFu3G
6QWnCDWKwRfW0/Lsj46/S85yKbcbboEvbOFf9K+aexP6V19z+yQP+XK5JAHJy2ea
I6U/CAA8a+EGbFVe1qS7PdhFJkuWVi4U32z2sEkK4r8qehrOJJwIX+plcFJojZ/8
rs9YXanhHB8qbvj51X3N1FVh5Qbr0fWfYUU6igSzAOi0APvT8kSEO0rrH2zFMmxp
o/f6aTgKi3YOMwBMxVDosHrzRectijt9w83N+yp8XF1O+j86ilLSHvg5SgTymxAv
YHLVd2YOnfKd8sxh9TMB6S2J2CdfAfUHhG2H1mHAmfD+oxC2PXIhujxsmzkNqnsk
wPF1IBxcuSGb/wu1Cn2h2h1hgdiN8cVNgofXfjDWe0Gi4e/YS0AmsY4nDNhN20WW
fEpHvHIBaTBva+plIrET+vN+jewVUtvmbGJCEAqongqE15r0Wln+sqEIrxmmosvY
oeMqZN6UL/C8jlX6ACOu
=EWw3
-----END PGP SIGNATURE-----
--- End Message ---
