Hi Mathias,
so with before this did not happen?

I can confirm the issue in a trusty container.

If I go back to the released version:
$ apt-get install ruby1.9.1=  libruby1.9.1=

things are ok again.

Although it is "only" a warning.
My gems are still listed.

# gem list
*** LOCAL GEMS ***

hello (0.0.1)

# gem list
YAML safe loading is not available. Please upgrade psych to a version that 
supports safe loading (>= 2.0).

*** LOCAL GEMS ***

hello (0.0.1)

ruby-psych is only available in much later releases.
This might be an issue of the latest security fixes.
Especially this might be related:
   3   * SECURITY UPDATE: Deserialization untrusted data                        
   4     - debian/patches/CVE-2018-1000074*.patch fix in                        
   5       lib/rubygems/commands/owner_command.rb,                              
   6       test/rubygems/test_gem_commands_owner_command.rb.                    
   7     - CVE-2018-1000074 

I'm marking as an upgrade-regression and subscribe Leo who did the fix.

** CVE added: https://cve.mitre.org/cgi-

** Tags added: regression-update

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

  ruby throws gem warning

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to