Ruby: security holes and breaking fixes. Lot of con-phusion!

Some days ago the Ruby team disclosed some serious security vulnerabilities in Ruby and published the corresponding patches. Since Debian is our current deployment platform, there was of course no official update available yet, so I decided to compile Ruby myself using the suggested patch level (in my case ruby 1.8.5-p231).

After compiling Ruby and installing all the gems, I was very disappointed to find out that the official fix version suggested by the Ruby team was broken: my application was exiting with segfaults.

There has been quite a discussion on whether people should rush to update or wait for an official, working and stable fix. I also found out that other people using the patched 1.8.6 and 1.8.7 versions of Ruby were having the same problems with segmentation faults.

And then, right in the middle of this desperate situation, the guys from Phusion came to the rescue with a working release of Ruby Enterprise Edition that includes the patches!

We have already been using Phusion Passenger (a.k.a. mod_rails) for a few weeks now and are very happy with it, and we had already intended to give REE a try, so after this whole situation we ended up replacing the insecure Ruby 1.8.5 with the current REE release. It seems to run very stably.

Many thanks to the Phusion guys for their excellent REE and Passenger software!

BTW: If you are having trouble with readline after installing REE and removing the old Ruby version (`no such file to load -- readline`), make sure the libreadline5-dev package is installed and then reinstall REE. More details here