On Fri, Jan 8, 2016 at 6:48 PM, Mark H Weaver <m...@netris.org> wrote: > Some of our ruby versions may need security updates. > > https://bugzilla.redhat.com/show_bug.cgi?id=1248935 > > Can someone who cares about ruby please investigate?
This particular issue is definitely fixed in Ruby 2.2.4 or later, which we upgraded very recently in response to this. Now, I suspect Pjotr will find issue with this, but I think we really should drop the Ruby 1.8.7 package because it is end-of-life and will *not* receive bug fixes or security updates. Thoughts? - Dave