[Rubygems-developers] Rubygems Errors

Matt White whitethunder922 at yahoo.com
Tue Jul 29 14:16:25 EDT 2008


>> I recently upgraded a server's rubygems from 0.9.0 to 1.2.0. Upon  
>> doing so, one of our apps that uses soap4r thinks all the security  
>> certificates it sees are invalid (see Error 1 below).

> Are you sure they are still valid and that this isn't just a  
> coincidence?

Yes, I'm sure. Plus, the error didn't start showing up in the logs until right after the upgrade to 1.2.0 was made.

>> I tried reverting to 0.9.0,

> You really, really, really don't want to do this, RubyGems 0.9.0 and  
> earlier allow malicious gems to write files anywhere on the filesystem.

Note taken, thanks.

>> irb(main):001:0> require 'rubygems'
>> => true
>> irb(main):002:0> require 'hpricot'
>> NoMethodError: private method `specification_version=' called for  
>> #<Gem::Specification:0xb7c8d1a8>
>>

> This method is most definitely not private in 1.2.0.  If you installed  
> a gem with 1.2.0 then rolled back to an older rubygems you'll need to  
> reinstall those gems.

This is the error I get when I revert to 0.9.0, not in 1.2.0. With 1.2.0, I get the invalid certificate error. I didn't update any gems since making the upgrade. I've disabled certificate verification for the time being as a workaround and kept Rubygems at 1.2.0. Is there perhaps something else I might need to update? Any more information I should give to help diagnose the error? Thanks again.



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/rubygems-developers/attachments/20080729/778c62d0/attachment.html>


More information about the Rubygems-developers mailing list