Ruby 1.8 package breaks the Metasploit Framework (short-named constants)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ruby1.8 (Debian) |
Fix Released
|
Unknown
|
|||
ruby1.8 (Ubuntu) |
Fix Released
|
Medium
|
Jamie Strandboge | ||
Intrepid |
Fix Released
|
Medium
|
Jamie Strandboge | ||
Jaunty |
Fix Released
|
Medium
|
Jamie Strandboge |
Bug Description
Binary package hint: ruby1.8
The current stable release of the Ruby interpreter (1.8.7 in Ibix) breaks any software using short-named constants. The latest stable version from ruby-lang.org has this issue as well, but it has been fixed in the latest stable snapshot.
To summarize, this version is bad: ftp://ftp.
This version is corrected: ftp://ftp.
When the bug triggers, it looks something like:
[-] Exploit failed: uninitialized constant Msf::ModuleSet::NDR
Since we recommend Ubuntu as a stable platform for the Metasploit Framework, we would really like to see 8.10 ship with a working version of the Ruby interpreter.
Changed in ruby1.8 (Debian): | |
status: | Unknown → Fix Released |
Thanks a lot for taking the time to report this issue and help us make Ubuntu better.
Could you please provide us with a step by step way to reproduce this issue?
Also, would you know exactly which commit fixed the problem between the 2 release?