Trouble installing after net-scp etc yanking from rubygems

[johnae]

net-scp 1.0.5 and 1.0.6 have been yanked from ruby gems. This caused serious trouble for us. It's all because of the latest security vulnerabilities of ruby gems afaik.

Read more about it here:

http://solutious.com/blog/2013/02/06/net-ssh-gem-code-signed/

Perhaps Fog could depend on 1.1.x of net-scp?

[nirvdrum]

The gem was yanked for far less serious reasons. I still think yanking it was incredibly short-sighted, but you can read about why it was yanked here:

net-ssh/net-ssh#80

[geemus]

Fixed by #1562

[sbeam]

could you push a gem based on this?

[nirvdrum]

You should be able to work around the issue by rolling back net-scp in your Gemfile. Easiest way is to add an entry that locks net-scp down to "1.0.4" and doing a "bundle update net-scp."

[geemus]

@sbeam - I'm a little bit swamped at present, but hope to roll a gem in the next few days.