View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0002956Kali LinuxTool Upgrade Requestpublic2015-12-21 11:392015-12-21 16:16
ReporterR4z3r Assigned Torhertzog  
PrioritylowSeverityminorReproducibilityalways
Status closedResolutionno change required 
Product Version2.0 
Summary0002956: Upgrade Ruby 2.1.5p273 to 2.2.4
Description

Ruby, on a fully upgraded Kali 2.0 machine, is currently 2.1.5p273. The latest available is 2.24. Upgrading Ruby to 2.2.4 comes with the following benefits:

  1. ) Addresses CVE-2015-7551 (https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/)
    2.) Addresses CVE-2015-3900 (http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html)
    3.)Addresses CVE-2015-1855 (https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/)
    4.) Includes a fix for ffi build failure and memory leak issue on Symbol GC (See Bug #10686 — https://bugs.ruby-lang.org/issues/10686).
    5.) Ruby can now collect symbol types reducing overall memory usage
Steps To Reproduce

1.) Update system using sudo apt-get update && sudo apt-get -y ugrade && sudo apt-get -y dist-upgrade
2.) Open terminal
3.) Execute ruby -v
4.) System will print: ruby 2.1.5p273 (2014-11-13) [x86_64-linux-gnu]

Relationships

Relationship GraphDependency Graph
has duplicate 0002957 resolvedrhertzog Upgrade Ruby 2.1.5p273 to 2.2.4 

Activities

R4z3r

R4z3r

2015-12-21 11:42

reporter   ~0004417

Oops. Duplicate issue with 0002957. Received error message and thought it had not been submitted.
rhertzog

rhertzog

2015-12-21 13:36

administrator   ~0004419

We won't update ruby in Kali 2.0. kali-rolling already has the latest ruby version and it will be used for the next release in early 2016.
R4z3r

R4z3r

2015-12-21 15:52

reporter   ~0004420

https://www.kali.org/news/kali-linux-20-released/ states that 2.0 is a rolling release. Can you elaborate on what you mean since it's not clear and you don't provide guides on your site for separate 2.0 / rolling release options.
muts

muts

2015-12-21 16:16

reporter   ~0004421

Yep, you can read more about our rolling release repository here - http://docs.kali.org/general-use/kali-linux-sources-list-repositories

Also, if you would like to build a rolling-release iso, you can so using instructions from here - http://docs.kali.org/development/live-build-a-custom-kali-iso (with with a "kali-rolling" distribution name)

Issue History

Date Modified Username Field Change
2015-12-21 11:39 R4z3r New Issue
2015-12-21 11:42 R4z3r Note Added: 0004417
2015-12-21 13:34 rhertzog Relationship added has duplicate 0002957
2015-12-21 13:36 rhertzog Note Added: 0004419
2015-12-21 13:36 rhertzog Status new => closed
2015-12-21 13:36 rhertzog Assigned To => rhertzog
2015-12-21 13:36 rhertzog Resolution open => won't fix
2015-12-21 15:52 R4z3r Note Added: 0004420
2015-12-21 15:52 R4z3r Status closed => feedback
2015-12-21 15:52 R4z3r Resolution won't fix => reopened
2015-12-21 16:16 muts Note Added: 0004421
2015-12-21 16:16 muts Status feedback => closed
2015-12-21 16:16 muts Resolution reopened => no change required
2021-05-31 13:37 rhertzog Category Tool Upgrade => Tool Upgrade Request