I’m introducing Ruby to my workplace and tried installing it on our
server. We’re using RHEL and the most recent Ruby binary package we
have in the repos is 1.8.1 (Yikes indeed).
So the question is: what’s the source tarball we should use to build a
Ruby 1.8.4 that is both stable and has all the patches applied?
I found the tarball of the official 1.8.4 release, in the “stable”
directory of the ftp.ruby-lang.org. Unfortunately, its dated
24/12/2005 and seems to be the original release, with none of the
patches applied. My admin googled some critical security patches like
, realized they were not included in the above tarball, and freaked
So which tarball should we use? We found ruby-1.8-today.tar.gz in the
“snapshots” directory, but we’re not sure this is it as we couldn’t
find any instructions or reference to it on the ruby-lang.org site
(the only reference we did find there was to the original,
pre-patched 1.8.4 release).
 We’re installing 1.8.4 and not 1.8.5 as it’s not confirmed to work
with Rails according to their official download page: