[Rubygems-developers] Rubygems Errors
Eric Hodel
drbrain at segment7.net
Tue Jul 29 14:07:30 EDT 2008
Please don't send HTML email to this list, it forces non-monospace
fonts that make program output hard to read.
On Jul 28, 2008, at 14:00 PM, Matt White wrote:
> I recently upgraded a server's rubygems from 0.9.0 to 1.2.0. Upon
> doing so, one of our apps that uses soap4r thinks all the security
> certificates it sees are invalid (see Error 1 below).
Are you sure they are still valid and that this isn't just a
coincidence?
> I tried reverting to 0.9.0,
You really, really, really don't want to do this, RubyGems 0.9.0 and
earlier allow malicious gems to write files anywhere on the filesystem.
> irb(main):001:0> require 'rubygems'
> => true
> irb(main):002:0> require 'hpricot'
> NoMethodError: private method `specification_version=' called for
> #<Gem::Specification:0xb7c8d1a8>
>
This method is most definitely not private in 1.2.0. If you installed
a gem with 1.2.0 then rolled back to an older rubygems you'll need to
reinstall those gems.
More information about the Rubygems-developers
mailing list