[#36679] [Ruby 1.9 - Bug #4814][Open] minitest 2.2.x and test/unit do not get along — Ryan Davis <ryand-ruby@...>
9 messages
2011/06/01
[#36707] [Ruby 1.9 - Feature #4818][Open] Add method marshalable? — Joey Zhou <yimutang@...>
5 messages
2011/06/03
[#36711] [Ruby 1.9 - Bug #4821][Open] Random Segfaults (in start_thread?) — Ivan Bortko <b2630639@...>
22 messages
2011/06/03
[#36714] [Ruby 1.9 - Feature #4822][Open] String#capitalize improvements — Anurag Priyam <anurag08priyam@...>
8 messages
2011/06/03
[#36720] Direct modifications to RubyGems in trunk? — Luis Lavena <luislavena@...>
Hello,
4 messages
2011/06/03
[#36730] [Ruby 1.9 - Feature #4824][Open] Provide method Kernel#executed? — Lazaridis Ilias <ilias@...>
56 messages
2011/06/04
[#36900] [Ruby 1.9 - Feature #4824] Provide method Kernel#executed?
— Cezary Baginski <cezary.baginski@...>
2011/06/09
[#36902] [Ruby 1.9 - Feature #4824] Provide method Kernel#executed?
— Rocky Bernstein <rocky@...>
2011/06/09
[#36935] Re: [Ruby 1.9 - Feature #4824] Provide method Kernel#executed?
— Cezary <cezary.baginski@...>
2011/06/10
On Fri, Jun 10, 2011 at 07:20:32AM +0900, Rocky Bernstein wrote:
[#36957] Re: [Ruby 1.9 - Feature #4824] Provide method Kernel#executed?
— Rocky Bernstein <rockyb@...>
2011/06/11
On Fri, Jun 10, 2011 at 10:03 AM, Cezary <cezary.baginski@gmail.com> wrote:
[#37089] Re: [Ruby 1.9 - Feature #4824] Provide method Kernel#executed?
— Cezary <cezary.baginski@...>
2011/06/13
On Sat, Jun 11, 2011 at 11:20:31AM +0900, Rocky Bernstein wrote:
[#36732] [Ruby 1.9 - Feature #4824] Provide method Kernel#executed?
— Yukihiro Matsumoto <matz@...>
2011/06/04
[#36758] [Ruby 1.9 - Feature #4824] Provide method Kernel#executed?
— Benoit Daloze <redmine@...>
2011/06/05
[#36784] [Ruby 1.9 - Feature #4824] Provide method Kernel#executed?
— Rodrigo Rosenfeld Rosas <rr.rosas@...>
2011/06/06
[#36833] Re: [Ruby 1.9 - Feature #4824] Provide method Kernel#executed?
— Charles Oliver Nutter <headius@...>
2011/06/08
On Mon, Jun 6, 2011 at 7:09 AM, Rodrigo Rosenfeld Rosas
[#36741] [Ruby 1.9 - Bug #4828][Open] crash in test_thread_instance_variable — Motohiro KOSAKI <kosaki.motohiro@...>
8 messages
2011/06/05
[#36750] [Ruby 1.9 - Feature #4830][Open] Provide Default Variables for Array#each and other iterators — Lazaridis Ilias <ilias@...>
24 messages
2011/06/05
[#36907] [Ruby 1.9 - Feature #4830] Provide Default Variables for Array#each and other iterators
— Jan Lelis <mail@...>
2011/06/10
[#36764] [Ruby 1.9 - Feature #4831][Open] Integer#prime_factors — Yusuke Endoh <mame@...>
5 messages
2011/06/05
[#36785] [Ruby 1.9 - Feature #4840][Open] Allow returning from require — Rodrigo Rosenfeld Rosas <rr.rosas@...>
53 messages
2011/06/06
[#36811] Re: [Ruby 1.9 - Feature #4840][Open] Allow returning from require
— Yusuke ENDOH <mame@...>
2011/06/07
Hello,
[#36830] Re: [Ruby 1.9 - Feature #4840][Open] Allow returning from require
— Yukihiro Matsumoto <matz@...>
2011/06/08
Hi,
[#46648] [ruby-trunk - Feature #4840] Allow returning from require
— "mame (Yusuke Endoh)" <mame@...>
2012/07/23
[#46667] Re: [ruby-trunk - Feature #4840] Allow returning from require
— Rodrigo Rosenfeld Rosas <rr.rosas@...>
2012/07/23
Em 23-07-2012 10:12, mame (Yusuke Endoh) escreveu:
[#36786] Re: [Ruby 1.9 - Feature #4840][Open] Allow returning from require
— Michael Edgar <adgar@...>
2011/06/06
On Jun 6, 2011, at 10:11 AM, Rodrigo Rosenfeld Rosas wrote:
[#36804] Re: [Ruby 1.9 - Feature #4840][Open] Allow returning from require
— Clifford Heath <clifford.heath@...>
2011/06/06
On 07/06/2011, at 12:18 AM, Michael Edgar wrote:
[#46673] [ruby-trunk - Feature #4840] Allow returning from require
— "alexeymuranov (Alexey Muranov)" <redmine@...>
2012/07/23
[#46701] Re: [ruby-trunk - Feature #4840] Allow returning from require
— SASADA Koichi <ko1@...>
2012/07/24
(2012/07/24 0:44), alexeymuranov (Alexey Muranov) wrote:
[#54874] [ruby-trunk - Feature #4840] Allow returning from require
— "nobu (Nobuyoshi Nakada)" <nobu@...>
2013/05/09
[#36787] [Ruby 1.9 - Bug #4841][Open] WEBrick threading leads to infinite loop — Peak Xu <peak.xu+ruby@...>
8 messages
2011/06/06
[#36799] [Ruby 1.9 - Feature #4845][Open] Provide Class#cb_object_instantiated_from_literal(object) — Lazaridis Ilias <ilias@...>
11 messages
2011/06/06
[#36834] [Ruby 1.9 - Feature #3905] rb_clear_cache_by_class() called often during GC for non-blocking I/O — Charles Nutter <headius@...>
10 messages
2011/06/08
[#36860] Re: [Ruby 1.9 - Feature #3905] rb_clear_cache_by_class() called often during GC for non-blocking I/O
— Eric Wong <normalperson@...>
2011/06/08
Charles Nutter <headius@headius.com> wrote:
[#36875] Re: [Ruby 1.9 - Feature #3905] rb_clear_cache_by_class() called often during GC for non-blocking I/O
— Charles Oliver Nutter <headius@...>
2011/06/09
On Wed, Jun 8, 2011 at 4:00 PM, Eric Wong <normalperson@yhbt.net> wrote:
[#36878] Re: [Ruby 1.9 - Feature #3905] rb_clear_cache_by_class() called often during GC for non-blocking I/O
— Eric Wong <normalperson@...>
2011/06/09
Charles Oliver Nutter <headius@headius.com> wrote:
[#36863] Object#trust vs Object#taint — Aaron Patterson <aaron@...>
Hi,
16 messages
2011/06/08
[#36866] Re: Object#trust vs Object#taint
— Yukihiro Matsumoto <matz@...>
2011/06/08
Hi,
[#36873] Re: Object#trust vs Object#taint
— Aaron Patterson <aaron@...>
2011/06/09
On Thu, Jun 09, 2011 at 07:49:06AM +0900, Yukihiro Matsumoto wrote:
[#36876] Re: Object#trust vs Object#taint
— Charles Oliver Nutter <headius@...>
2011/06/09
On Wed, Jun 8, 2011 at 8:19 PM, Aaron Patterson
[#36877] Re: Object#trust vs Object#taint
— Shugo Maeda <shugo@...>
2011/06/09
Hi,
[#36911] Re: Object#trust vs Object#taint
— Charles Oliver Nutter <headius@...>
2011/06/10
On Thu, Jun 9, 2011 at 12:46 AM, Shugo Maeda <shugo@ruby-lang.org> wrote:
[#36914] Re: Object#trust vs Object#taint
— Shugo Maeda <shugo@...>
2011/06/10
Hi,
[#36939] Re: Object#trust vs Object#taint
— James Gray <james@...>
2011/06/10
On Fri, Jun 10, 2011 at 4:21 AM, Shugo Maeda <shugo@ruby-lang.org> wrote:
[#37071] [Ruby 1.9 - Feature #4877][Open] Unify Variable Expansion within Strings — Lazaridis Ilias <ilias@...>
12 messages
2011/06/12
[#37106] ruby core tutorials location — Roger Pack <rogerdpack2@...>
Hello all.
10 messages
2011/06/13
[#37107] Re: ruby core tutorials location
— Jon <jon.forums@...>
2011/06/13
> Hello all.
[#37115] Re: ruby core tutorials location
— Roger Pack <rogerdpack2@...>
2011/06/13
> Rather than adding links to source code, I would prefer the wikibooks link and others under a new Tutorials section of http://www.ruby-lang.org/en/documentation/ as well as adding http://ruby.runpaint.org/ to the existing Getting Started section.
[#37117] Re: ruby core tutorials location
— Jon <jon.forums@...>
2011/06/13
> > Rather than adding links to source code, I would prefer the wikibooks link and others under a new Tutorials section of http://www.ruby-lang.org/en/documentation/ as well as adding http://ruby.runpaint.org/ to the existing Getting Started section.
[#37128] Re: ruby core tutorials location
— Roger Pack <rogerdpack2@...>
2011/06/14
> I like what you're trying to do and see how great that tutorial connection from rdoc/yard could be, say, mixing with existing ruby-doc.org and rubydoc.info. ut I question embedding source links to info in which the info can easily grow outdated or abandoned as time passes. I also question the ongoing maintenance burdens.
[#37137] Re: ruby core tutorials location
— Jon <jon.forums@...>
2011/06/14
> > I like what you're trying to do and see how great that tutorial connection from rdoc/yard could be, say, mixing with existing ruby-doc.org and rubydoc.info. ut I question embedding source links to info in which the info can easily grow outdated or abandoned as time passes. I also question the ongoing maintenance burdens.
[#37182] Re: ruby core tutorials location
— Roger Pack <rogerdpack2@...>
2011/06/16
> My feedback was specific to the suggestion of embedding links into the Ruby source tree, not the issue of whether more documentation is needed. For the tutorials scenario you raised, I believe links from http://www.ruby-lang.org/en/documentation/ (e.g. - a new Tutorials section) are a more adaptable and maintainable _implementation_ for dealing with documentation realities than links in source.
[#37139] [Bug: ruby-1.9] test-all on without openssl system — SASADA Koichi <ko1@...>
Hi,
4 messages
2011/06/14
[#37144] Ruby 1.8.6 status — Tanaka Akira <akr@...>
Hi.
6 messages
2011/06/14
[#37274] Re: Ruby 1.8.6 status
— Ryan Davis <ryand-ruby@...>
2011/06/21
[#37164] [Ruby 1.9 - Feature #4890][Open] Enumerable#lazy — Yutaka HARA <redmine@...>
30 messages
2011/06/16
[#37170] [Ruby 1.9 - Bug #4893][Open] Literal Instantiation breaks Object Model — Lazaridis Ilias <ilias@...>
61 messages
2011/06/16
[#37192] rb_w32_add_socket / rb_w32_remove_socket — ghazel@...
Hello,
3 messages
2011/06/17
[#37206] [Ruby 1.9 - Feature #4896][Open] Add newpad() support to Curses — Eric Hodel <drbrain@...7.net>
6 messages
2011/06/17
[#37207] [Ruby 1.9 - Feature #4897][Open] Define Math::TAU and BigMath.TAU. The "true" circle constant, Tau=2*Pi. See http://tauday.com/ — Simon Baird <simon.baird@...>
43 messages
2011/06/17
[#77620] [Ruby trunk Feature#4897] Define Math::TAU and BigMath.TAU. The "true" circle constant, Tau=2*Pi. See http://tauday.com/
— nobu@...
2016/10/14
Issue #4897 has been updated by Nobuyoshi Nakada.
[#37217] coerce — Ondřej Bílka <neleai@...>
Hello
8 messages
2011/06/18
[#37256] Re: coerce
— Robert Klemme <shortcutter@...>
2011/06/21
2011/6/18 Ondřej Bílka <neleai@seznam.cz>:
[#37260] Re: coerce
— Ondřej Bílka <neleai@...>
2011/06/21
On Tue, Jun 21, 2011 at 04:06:05PM +0900, Robert Klemme wrote:
[#37261] Re: coerce
— Robert Klemme <shortcutter@...>
2011/06/21
2011/6/21 Ondřej Bílka <neleai@seznam.cz>:
[#37265] Re: Welcome to our (ruby-core ML) You are added automatically — "Anthony Crognale" <anthony@...>
mget last:10 mp
3 messages
2011/06/21
[#37286] [Ruby 1.9 - Bug #4916][Open] [BUG] Segmentation fault - dyld: lazy symbol binding failed: Symbol not found: _ASN1_put_eoc — Hiroshi NAKAMURA <nakahiro@...>
9 messages
2011/06/22
[#37288] [Ruby 1.9 - Bug #4917][Open] NilClass#to_ary — Jay Feldblum <y_feldblum@...>
8 messages
2011/06/22
[#37298] [Ruby 1.9 - Feature #4917][Rejected] NilClass#to_ary
— Marc-Andre Lafortune <ruby-core@...>
2011/06/22
[#37289] [Ruby 1.9 - Feature #4918][Assigned] Make all core tests inherit from Test::Unit::TestCase — Martin Bosslet <Martin.Bosslet@...>
4 messages
2011/06/22
[#37336] I have imported Rake 0.9.2 to trunk — Eric Hodel <drbrain@...7.net>
I asked Jim if he would like me to import rake 0.9.2 to trunk, so I have.
4 messages
2011/06/23
[#37401] [Ruby 1.9 - Bug #3784] Seg fault in webrick — Yui NARUSE <redmine@...>
1 message
2011/06/26
[#37463] [Ruby 1.9 - Bug #4480][Assigned] Thread-local variables issue: Thread#[] returns nil when called first time — Yui NARUSE <redmine@...>
3 messages
2011/06/26
[#37546] [Ruby 1.9 - Bug #4934][Open] winsock listen backlog may only be set once, and is set to 5 — Greg Hazel <ghazel@...>
6 messages
2011/06/26
[#37551] [ANN] Ruby Weekly Report — "Shota Fukumori (sora_h)" <sorah@...>
Hi,
4 messages
2011/06/26
[#37576] [Ruby 1.9 - Feature #4938][Open] Add Random.bytes [patch] — Marc-Andre Lafortune <ruby-core@...>
13 messages
2011/06/27
[#37588] CI? — Ryan Davis <ryand-ruby@...>
Is this an official CI for ruby?
7 messages
2011/06/27
[#37590] Re: CI?
— "NARUSE, Yui" <naruse@...>
2011/06/27
(2011/06/28 6:28), Ryan Davis wrote:
[#37612] [Ruby 1.9 - Bug #4941][Open] cannot load such file -- rubygems.rb (LoadError) — Lazaridis Ilias <ilias@...>
25 messages
2011/06/28
[ruby-core:37474] [Ruby 1.9 - Bug #4408] Net::SSH connections are subject to plaintext recovery due to lack of CTR mode
From:
Hiroshi NAKAMURA <nakahiro@...>
Date:
2011-06-26 09:40:36 UTC
List:
ruby-core #37474
Issue #4408 has been updated by Hiroshi NAKAMURA. Target version set to 1.9.x ---------------------------------------- Bug #4408: Net::SSH connections are subject to plaintext recovery due to lack of CTR mode http://redmine.ruby-lang.org/issues/4408 Author: micah anderson Status: Assigned Priority: Normal Assignee: Hiroshi NAKAMURA Category: Target version: 1.9.x ruby -v: this bug can reproduce at Ruby 1.8, too =begin It is my understanding that due to the current Ruby OpenSSL bindings, only the following ciphers modes are supported in Net:SSH: >> Net::SSH supports the following ciphers: aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc aes256-cbc rijndael-...@lysator.liu.se idea-cbc none I am not talking about the ciphers (aes, des, idea, etc.) here. A quick clarification for those who need it: AES, 3DES etc. are block ciphers, this means that they take a block of cleartext and a key and produce a block of ciphertext (and vice versa), but when you're dealing with streams of information, you have to figure out how to join these blocks together, and there are security tradeoffs in how you do it. So CBC is "cipher block chaining" mode, and CTR is "counter" mode. You will notice that the only block chaining modes supported are only CBC. If you review the following: http://www.kb.cert.org/vuls/id/958563 you will see that this attack can potentially allow an attacker to recover up to 32 bits of plaintext from an arbitrary block of ciphertext from a connection secured using the SSH protocol in the standard configuration. In order to mitigate this vulnerabilty SSH can be setup to use CTR mode rather CBC mode. According to CPNI Vulnerability Advisory SSH: The most straightforward solution is to use CTR mode instead of CBC mode, since this renders SSH resistant to the attack. An RFC already exists to standardise counter mode for use in SSH (RFC 4344). Due to the limited number of cipher modes available, any system wishing to do Net::SSH (eg. capistrano operations) that has picked specific ciphers for local policy reasons that do not include CBC ciphers will result in a mysterious problem due to lack of agreed cipher modes, the only solution is to downgrade the available ciphers presented to those of what Ruby has available. This has come up a number of times on the Capistrano list (e.g. http://www.mail-archive.com/capistrano@googlegroups.com/msg05641.html). It is my understanding that the fix requires tweaking of Ruby's OpenSSL bindings to provide these newer cipher modes. In a sufficiently modern TLS implementation, i'd argue that it's simply going to be more and more incompatible with clients and servers as stricter requirements become standard. =end -- http://redmine.ruby-lang.org