Bug 1280296

Summary: Rebase to the latest Ruby 2.2 point release
Product: Red Hat Software Collections Reporter: Vít Ondruch <vondruch>
Component: ruby Assignee: Pavel Valena <pvalena>
Status: CLOSED EOL QA Contact: BaseOS QE - Apps <qe-baseos-apps>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rh-ruby22 CC: bgollahe, dkochuka, hhorak, jorton, pbhoot, pvalena, schamilt, skippy
Target Milestone: --- Keywords: FutureFeature, Rebase
Target Release: 3.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Rebase package(s) to version: 2.2.9
Highlights, important fixes, or notable enhancements:
 - Upgrade to rubygems 2.4.5.4
 - Upgrade to psych 2.0.8.1
 - Upgrade to json 1.8.1.1
Story Points: ---
Clone Of:
: 1395796 1549646 Environment:
Last Closed: 2018-05-18 08:41:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1432980, 1549646    

Description Vít Ondruch 2015-11-11 12:32:55 UTC
A new Ruby 2.2 release is available. We should consider a rebase.

https://www.ruby-lang.org/en/news/2015/08/18/ruby-2-2-3-released/

Comment 1 Scott Merrill 2016-03-14 14:12:37 UTC
I'd like to see this rebase occur, too.

https://bugzilla.redhat.com/show_bug.cgi?id=1317076

Comment 3 Vít Ondruch 2016-05-02 13:16:16 UTC
Please note that 2.2.5 is already released:

https://www.ruby-lang.org/en/news/2016/04/26/ruby-2-2-5-released/

Comment 7 Vít Ondruch 2017-03-29 08:01:03 UTC
https://www.ruby-lang.org/en/news/2017/03/28/ruby-2-2-7-released/

This is the last regular maintenance release of Ruby 2.2. After this, only security releases will be provided for one additional year.

Comment 11 Pavel Valena 2017-09-15 16:31:20 UTC
Latest Ruby 2.2 release:
https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/

Contains fixes for:
 - Bug CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
 - Bug CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick
 - Bug CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
 - Bug CVE-2017-14064: Heap exposure in generating JSON
 - Multiple vulnerabilities in RubyGems

Comment 12 Vít Ondruch 2017-12-15 09:03:18 UTC
Ruby 2.2.9 is now available:

https://www.ruby-lang.org/en/news/2017/12/14/ruby-2-2-9-released/

Comment 15 Joe Orton 2018-05-18 08:41:56 UTC
In accordance with the Red Hat Software Collections Product Life Cycle, the support period for this collection has ended.

New bug fix, enhancement, and security errata updates, as well as technical support services will no longer be made available for this collection.

Customers are encouraged to upgrade to a later release.

Please contact Red Hat Support if you have further questions, or refer to the support lifecycle page for more information. https://access.redhat.com/support/policy/updates/rhscl/