[ANN] 1.1.3 available

Hello,

DHH has just announced the release of Rails 1.1.3

rails-1.1.3
activerecord-1.14.3
actionpack-1.12.2
actionmailer-1.2.2
actionwebservice-1.1.3

The announcement without the repetition :)

"Rails 1.1.3: Security fix and minor fixes

Posted by David June 27, 2006 @ 08:07PM

We’ve found and fixed a security issue with routing
that could cause excess CPU usage in Rails processes
when triggered by certain URLs. We strongly encourage
anyone running 1.1.x to upgrade to the latest version.
It’s fully backwards compatible and should serve as
a small drop-in fix.

If you’re running the latest Edge Rails, though, there’s
no need to update. We’ve rewritten the routes functionality
on edge and the new version doesn’t have this problem.

To upgrade, you as always can just do:

gem install rails --include-dependencies

Note: This release doesn’t include any of the new
CRUD/resource-based features. All of the new features
we’ve been working on over the last couple of months
will become available in 1.2.0, which is scheduled for
“soonish”. This 1.1.3 release is purely to address the
security issue and another few minor fixes that were
available on the STABLE branch as well."

On 6/27/06, Jean-François [email protected] wrote:

It’s fully backwards compatible and should serve as
Note: This release doesn’t include any of the new
À la renverse.


Rails mailing list
[email protected]
http://lists.rubyonrails.org/mailman/listinfo/rails

Do we need to change the RAILS_GEM_VERSION value in environment.rb, or
does that just mean the minimum gem version, so all apps will use
1.1.3?

On 6/27/06, Jean-François [email protected] wrote:

The announcement without the repetition :)

Is this bad? I’ve never had a problem with gem before.

~ $ sudo gem install rails --include-dependencies
Attempting local installation of 'rails'
Local gem file not found: rails*.gem
Attempting remote installation of 'rails'
Updating Gem source index for: http://gems.rubyforge.org
ERROR: While executing gem ... (ArgumentError)
syntax error on line 142311, col 1175: `: RubyGems is a package
management framework for Ruby. This Gem is a update for the base
RubyGems software. You must have a base installation of RubyGems
before this update can be applied.
autorequire:
default_executable:
bindir: bin
has_rdoc:
required_ruby_version: !ruby/object:Gem::Version::Requirement
requirements:
- - ">"
- !ruby/object:Gem::Version
version: 0.0.0
platform:
signing_key:
cert_chain: []

authors:
files: []

test_files: []

rdoc_options: []

extra_rdoc_files: []

executables:
- update_rubygems
extensions:
requirements:
dependencies:

fastercsv-0.1.9: !ruby/object:Gem::Specification
rubygems_version: 0.8.11
specification_version: 1
name: fastercsv
version: !ruby/object:Gem::Version
version: 0.1.9
date: 2006-02-27 01:00:00 -05:00
summary: FasterCSV is CSV, but faster, smaller, and
~ $

And for reference…

~ $ gem list --local

*** LOCAL GEMS ***

actionmailer (1.2.1)
Service layer for easy email delivery and testing.

actionpack (1.12.1)
Web-flow and rendering framework putting the VC in MVC.

actionwebservice (1.1.2)
Web service support for Action Pack.

activerecord (1.14.2)
Implements the ActiveRecord pattern for ORM.

activesupport (1.3.1)
Support and utility classes used by the Rails framework.

capistrano (1.1.0)
Capistrano is a framework and utility for executing commands in
parallel on multiple remote machines, via SSH. The primary goal
is to simplify and automate the deployment of web applications.

daemons (0.4.4)
A toolkit to create and control daemons in different ways

gem_plugin (0.2.1)
A plugin system based only on rubygems that uses dependencies only

htmltools (1.09)
This is a Ruby library for building trees representing HTML
structure.

mongrel (0.3.13, 0.3.12.4)
A small fast HTTP library and server that runs Rails, Camping, and
Nitro apps.

mongrel_cluster (0.2.0)
Mongrel plugin that provides commands and Capistrano tasks for
managing multiple Mongrel processes.

needle (1.3.0)
Needle is a Dependency Injection/Inversion of Control container for
Ruby. It supports both type-2 (setter) and type-3 (constructor)
injection. It takes advantage of the dynamic nature of Ruby to
provide a rich and flexible approach to injecting dependencies.

net-sftp (1.1.0)
Net::SFTP is a pure-Ruby implementation of the SFTP client protocol.

net-ssh (1.0.9)
Net::SSH is a pure-Ruby implementation of the SSH2 client protocol.

postgres (0.7.1)
The extension library to access a PostgreSQL database from Ruby.

rails (1.1.2)
Web-application framework with template engine, control-flow layer,
and ORM.

rake (0.7.1)
Ruby based make-like utility.

RedCloth (3.0.4)
RedCloth is a module for using Textile and Markdown in Ruby. Textile
and Markdown are text formats. A very simple text format. Another
stab at making readable text that can be converted to HTML.

rubyful_soup (1.0.4)
An HTML/XML parser that handles bad markup and provides tree
traversal methods.

sendfile (0.9.2)
Ruby interface to sendfile(2) system call

sources (0.0.1)
This package provides download sources for remote gem installation

sqlite3-ruby (1.1.0)
SQLite3/Ruby is a module to allow Ruby scripts to interface with a
SQLite3 database.

termios (0.9.4)
Termios module are simple wrapper for termios(3). It can be included
into IO-family classes and can extend IO-family objects. In
addition, the methods can use as module function.
~ $

On 6/27/06, Chris T [email protected] wrote:

+1 for this error

From what I’ve seen it typically takes a while for the gems to
propagate across servers… ;)

-Curtis

James L. wrote:

actionmailer-1.2.2
Local gem file not found: rails*.gem
has_rdoc:

+1 for this error

Where can I find info about the “CRUD/resource-based features” that will
be in 1.2.0?

I also received this error, and have a fix, at
least on my system. :)

I did a

gem cleanup

and then a

sudo gem install rails --include-dependencies

and the installation proceeded without issue.

I also then did a

gem update

which updated a bunch of gems to current versions
(so be careful) and then a final:

gem cleanup

And now I’m all happy and warm inside. :)

-- Tom M.

From http://www.codecomments.com/archive327-2005-3-439007.html on
the subject of a similar error:

"It sounds like your source cache is either corrupted or not in the format
expected. Around version 0.8.5 or so we switched from a YAML based cache to
a marshalled cache (with a significant increase in speed). If you run a
0.8.5 or later version of gems and then later try to go back to a pre-0.8.5
version, the earlier version is confused by the data in the cache (post 0.8.5
versions are smart enough to just toss the cache if it looks bad).

To fix, just delete the source cache file (the file named ‘source_cache’ in
the directory reported by the ‘gem env gempath’ command). If you are on a
unix-like OS and the source_cache is in a protected directory, you might have
another copy of the source cache available in a user owned directory
(probably $HOME/.gem/source_cache). Delete that copy as well."

This did fix the problem for me, even though the cause was certainly
not the one mentioned above.
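
The fix quoted above, as an added shell example that is not part of the original thread: it moves every `source_cache` aside (rather than deleting it) in each directory of a colon-separated gem path list and in `$HOME/.gem`. The function name `reset_source_cache` and the `.bad-<timestamp>` suffix are assumptions of this example.

```shell
# Added example: move stale RubyGems source_cache files aside so the next
# remote operation rebuilds the index. reset_source_cache is a hypothetical
# helper name, not a RubyGems command.
#
# $1: colon-separated gem path list, as printed by `gem env gempath`.
# Prints the new name of each file it moved; returns 1 if nothing was moved.
#
# Usage: reset_source_cache "$(gem env gempath)"
reset_source_cache() {
    paths=$1
    stamp=$(date +%Y%m%d%H%M%S)
    status=1
    old_ifs=$IFS
    IFS=:
    # $paths is split on ':'; the user-owned copy sits directly in $HOME/.gem.
    for dir in $paths "$HOME/.gem"; do
        cache="$dir/source_cache"
        [ -f "$cache" ] || continue
        if mv "$cache" "$cache.bad-$stamp" 2>/dev/null; then
            echo "$cache.bad-$stamp"
            status=0
        else
            # Typical for a system-wide gem directory owned by root.
            echo "cannot move $cache (protected directory?)" >&2
        fi
    done
    IFS=$old_ifs
    return $status
}
```

Keeping the renamed file makes it possible to inspect the bad cache afterwards; remove it once `gem install` works again.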

Hi, all.

Is there any chance to see the http://dev.rubyonrails.org/ticket/3811 patch in
trunk? I intended to raise this question right before voting for 1.1.3
but it seems that I missed it.

Anyway I am doing it right now. I would like to hear any comment from
rails developers.

This did not fix the issue for me.

I’ve lost the ability to route controller modules like
Admin::UserController after upgrading to 1.1.3. Switched back to
1.1.2 and it’s working fine. Think the new routing code could be
buggy??

Tom M. wrote:

I also received this error, and have a fix, at
least on my system. :)

I did a

gem cleanup

and then a

sudo gem install rails --include-dependencies

and the installation proceeded without issue.

I also then did a

gem update

which updated a bunch of gems to current versions
(so be careful) and then a final:

gem cleanup

And now I’m all happy and warm inside. :)

-- Tom M.

What does gem cleanup actually do? When I saw this:

C:\eclipse\workspace>gem cleanup
Cleaning up installed gems...
Attempting uninstall on rails-1.1.0
Successfully uninstalled rails version 1.1.0
Attempting uninstall on actionwebservice-1.1.0
Successfully uninstalled actionwebservice version 1.1.0
Attempting uninstall on rails-1.1.1
Successfully uninstalled rails version 1.1.1
Attempting uninstall on actionwebservice-1.1.1
Successfully uninstalled actionwebservice version 1.1.1
Attempting uninstall on rake-0.7.0
Successfully uninstalled rake version 0.7.0
Attempting uninstall on activerecord-1.14.0
ERROR: Interrupted
Terminate batch job (Y/N)? Y

I got nervous - would I have to reinstall all of my gems?

Does cleanup just fix the list of installed gems or does it really
remove them?

Wes

OK cleanup just gets rid of old versions. Phew!

Wes G. wrote:

OK cleanup just gets rid of old versions. Phew!

Oh well this is just great.

C:\eclipse\workspace>gem install rails --include-dependencies
ERROR: While executing gem ... (Gem::GemNotFoundException)
Could not find rails (> 0) in the repository

Um, where’s the Rails gem?

WG

Thanks for the report(s) guys. :)

This has been fixed in [4501] and you may expect another release
shortly.

Sorry for the breakage
Nicholas S.

It removes non-current gems. Your system had
versions of those that were deleted that were
newer than the ones it removed.

-- Tom M.

Nicholas S. wrote:

Thanks for the report(s) guys. :)

This has been fixed in [4501] and you may expect another release
shortly.

Sorry for the breakage
Nicholas S.

Nicholas,

Seems to me that this error message is misleading - there really wasn’t
anything wrong with the repository, just my local version of what was in
it.

So maybe that error message should mention the source_cache file as a
potential source of problems?

Wes

Sorry Wes, I was confused and talking about a different bug.

As far as I know this error was due to a corrupted gem on the server and has
been fixed by RubyForge.

Sorry Wes, I was confused and talking about a different bug.
As far as I know this error was due to a corrupted gem
on the server and has been fixed by RubyForge.

Yup, right on.

Yours,

Tom

On 6/28/06, Wes G. [email protected] wrote:

Nicholas S. wrote:
Nicholas,

Seems to me that this error message is misleading - there really wasn’t
anything wrong with the repository, just my local version of what was in
it.

So maybe that error message should mention the source_cache file as a
potential source of problems?

I got the same Gem error when trying to update Rails (after updating
RubyGems). Nuking the source_cache file forced a “bulk update” and
it’s updating along right now.

jt