|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0003626||Kali Linux||[All Projects] Kali Package Bug||public||2016-09-24 15:36||2016-10-04 07:37|
|Target Version||Fixed in Version||2017.1|
|Summary||0003626: metasploit-framework package does not depend strongly enough on a ruby version|
|Description||There is a trap that users get into that breaks people using 'msfupdate' to upgrade metasploit. If you just upgrade the 'metasploit-framework' package, that latest version of ruby is not installed. Instead, you end up with whatever version of ruby came with the system|
|Steps To Reproduce||Install the pre-build Kali 2016.1 VM (as of this filing, 2016.2 VMs are not available)|
What ends up happening is ruby 2.2.4 remains the system Ruby interpreter, but the 2.3.1 gems are packaged with the latest Metasploit-framework package. This causes msfconsole to not have the correct gem versions to match the system interpreter.
I think the 'ruby' dependency needs to be specifically on the latest ruby package. I see libruby is more specific, but that does not seem sufficient.
|Additional Information||Alternate fixes could include:|
Changing 'msfupdate' to inform the user he should run 'dist-upgrade' when running on Kali instead.
Changing 'msfupdate' to literally run 'apt-get dist-upgrade', or 'apt-get install metasploit-framework ruby' so everything is updated
Removing 'msfupdate' since it doesn't really do anything that can't be done with the system package tools.
|I think dropping msfupdate is the right approach (or changing it into a no-op telling the user to run a system upgrade with "apt update && apt install metasploit-framework").|
We kept msfupdate as it uses apt when /usr/share/metasploit-framework/.apt exists (it's the case when metasploit is installed via apt in Kali).
We added a stronger dependency on ruby version in new metasploit version 4.12.29-0kali1
|2016-09-24 15:36||busterbcook||New Issue|
|2016-09-26 13:45||rhertzog||Assigned To||=> sbrun|
|2016-09-26 13:45||rhertzog||Status||new => assigned|
|2016-09-26 13:47||rhertzog||Note Added: 0005995|
|2016-10-04 07:37||sbrun||Note Added: 0006023|
|2016-10-04 07:37||sbrun||Status||assigned => resolved|
|2016-10-04 07:37||sbrun||Resolution||open => fixed|
|2016-10-04 07:37||sbrun||Fixed in Version||=> 2017.1|