Ruby security updates #1272
zimbatm wants to merge 5 commits into NixOS:master from zimbatm:ruby-security-updates
Conversation
Looks good to me, haven't tried it yet.
I have tried 1.9.7 and 2.0.0 on OSX; 1.8.7 wasn't compiling in either version.
ruby 1.8 should be phased out, as it contains security issues and is unsupported by the ruby core team. This is the last update available, but it doesn't fix all CVEs.
+1. Who wants to do the merge? :-)
There seems little risk in merging, and security updates are important (I'll just test that it builds, together with texLive and munin). Thanks! If there isn't a reason to keep ruby18, then it should be removed IMHO. I don't know/use ruby, so I'm leaving it for others to decide, but it seems clear, as it's unsupported and vulnerable...
Pushed into master. I wanted to merge it, but during testing someone updated master, so I rebased the merge commit, which resulted in a fast-forward merge and erased my merge commit (I hope it doesn't matter).
I would remove the ruby18 package, but I don't feel I have the position to do it. Some old software might depend on it, since ruby 1.9 is not entirely backward-compatible.
Note: I still see one explicit reference to ruby18 in nixpkgs.
I looked at the latest tarball release and there seems to be no mention of ruby in the source. Weird. http://klinkstatus.kdewebdev.org/releases/klinkstatus-0.3.1.tar.bz2 . Maybe it would compile without the ruby18 derivation.
There's also s3sync, which has a ruby18 override in all-packages.nix.
These commits fix the security issue described in CVE-2013-4164. Ruby 1.8.7 has also been updated, but it is still vulnerable to that CVE. Ruby 1.8.7 is not supported by the ruby core team and should probably be removed from the repo entirely.
The Darwin patch has also been imported from #1229.
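To make the "which interpreters are still affected" question checkable on a deployed machine, here is an added example (not code from this PR or from nixpkgs) that parses a `ruby -v` banner and classifies it against CVE-2013-4164. The fixed patchlevels (1.9.3-p484, 2.0.0-p353, anything from 2.1.0 on) are taken from the upstream ruby-lang.org advisory for that CVE and are not stated on this page; the treatment of 1.8.x and 1.9.1/1.9.2 as never fixed follows the same advisory, which lists all 1.8 and pre-1.9.3 releases as affected. The sample banners in the block are constructed.

```ruby
# Added example: classify Ruby interpreters against CVE-2013-4164 (heap
# overflow in floating-point parsing). Thresholds are recalled from the
# upstream ruby-lang.org advisory, not from the nixpkgs PR itself.

# First patchlevel on each maintained branch that carries the fix.
# 1.8.x never received a fix (EOL); 2.1.0 shipped with the fix already in.
FIXED_PATCHLEVEL = {
  "1.9.3" => 484,
  "2.0.0" => 353,
}.freeze

# Parse a `ruby -v` banner such as
#   "ruby 1.9.3p448 (2013-06-27 revision 41675) [x86_64-darwin12.4.0]"
# into ["1.9.3", 448]. The 1.8 banner puts the patchlevel in parentheses
# instead ("ruby 1.8.7 (2013-06-27 patchlevel 374) ..."), so it is also
# accepted. Returns nil when the string does not look like ruby -v output.
def parse_ruby_banner(banner)
  m = banner.match(/\Aruby (\d+\.\d+\.\d+)(?:-?p(\d+))?/)
  return nil unless m
  patchlevel = m[2] || banner[/patchlevel (\d+)/, 1]
  [m[1], patchlevel ? patchlevel.to_i : nil]
end

# :fixed, :vulnerable or :unknown for a version string plus patchlevel.
def cve_2013_4164_status(version, patchlevel)
  major, minor, teeny = version.split(".").map(&:to_i)
  teeny ||= 0
  return :vulnerable if major == 1 && minor == 8              # 1.8.x: EOL, never fixed
  return :vulnerable if major == 1 && minor == 9 && teeny < 3 # 1.9.1/1.9.2: EOL before the fix
  return :fixed if major > 2 || (major == 2 && minor >= 1)    # 2.1.0 and later ship with the fix
  needed = FIXED_PATCHLEVEL[version]
  # e.g. a 1.9.3 banner without a patchlevel: refuse to guess either way
  return :unknown if needed.nil? || patchlevel.nil?
  patchlevel >= needed ? :fixed : :vulnerable
end

# Convenience wrapper: banner string in, status symbol out.
def check_banner(banner)
  parsed = parse_ruby_banner(banner)
  return :unknown unless parsed
  cve_2013_4164_status(*parsed)
end

# Status of the interpreter that is running this script.
def check_running_ruby
  cve_2013_4164_status(RUBY_VERSION, RUBY_PATCHLEVEL)
end

# Constructed sample banners (dates/revisions are illustrative, not authoritative).
SAMPLE_BANNERS = [
  "ruby 1.8.7 (2013-06-27 patchlevel 374) [x86_64-linux]",
  "ruby 1.9.3p448 (2013-06-27 revision 41675) [x86_64-darwin12.4.0]",
  "ruby 1.9.3p484 (2013-11-22 revision 43786) [x86_64-linux]",
  "ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-linux]",
  "ruby 2.0.0p353 (2013-11-22 revision 43784) [x86_64-linux]",
].freeze

if __FILE__ == $0
  banners = ARGV.empty? ? SAMPLE_BANNERS : ARGV
  banners.each { |b| puts "#{check_banner(b).to_s.ljust(10)} #{b}" }
  puts "running interpreter (#{RUBY_VERSION}p#{RUBY_PATCHLEVEL}): #{check_running_ruby}"
end
```

Feed it the output of each interpreter you care about (`ruby script.rb "$(/path/to/ruby -v)"`); a 1.8.7 banner always comes back `:vulnerable`, which is the point made in the description above, and a banner that cannot be parsed or lacks a patchlevel is reported as `:unknown` rather than silently treated as fixed.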