I have found this analysis of the vulnerabilities quite informative.
And by the way, over six months ago the very same Zed Shaw in his Rails is a Ghetto rant (warning: shocking facts and explicit language contained within) pointed out the larger issues within the Ruby community which might as well be the root cause of what Jake calls "release process problems". The rant caused quite a stir among Ruby users, but unfortunately it failed to become that wakeup call for the Ruby developers. Here's hoping they wake up now...
Ruby has been my language of choice for 6 years (Rails is almost 4 years old), and it's been a huge improvement over Perl which I used before, but right now I'm considering another switchover to some less developer-friendly language with a more responsible community around it. This bug was a first sign, Zed's rant was a wakeup call for me, and this vulnerability hoopla is the last straw.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds