[DRE-maint] Bug#655896: Rails depends on the wrong version of librack-ruby, which leads to a loss of data in redmine.

[Kubo Hiroshi]

Package: libactivesupport-ruby1.8 
Source: rails
Version: 2.3.5-1.2+squeeze1
Tags: redmine librack-ruby libactivesupport-ruby
Severity: grave

In squeeze, when redmine package is installed, rails 2.3.5-11.2+squeeze1
and librack-ruby 1.1.0-4 are installed at the same time for its dependency.

But in the upstream document of the Redmine 1.0.1,
rack 1.0.1 is officially supported, not 1.1.0.

This version mismatch actually leads to the loss of data in redmine.

The minimum example is as follows:

1. Create a project under the Redmine instance.

2. Create a ticket in the project above.

3. Click "Update" link and add a note to the ticket
   above by typing:

X (
'A'
)

4. On the ticket page, click the edit button of
   the note #1 under the History.

5. Click the "Save" button

6. The note is changed to the one-line text below:

'A'


More information:

* During the above procdure, the user does not have a chance
  to notice losing the content of the note.

* Whether the loss of data in the note occurs depends 
 on the content of the text. Only the very limited
 patterns of text is lost.

* Preview function of the ticket editor and the wiki editor
  also change and trim the text like the above example.
  So, preview function is also broken.


Investigation:

I tried to figure out the cause, and found out that 
this phenomenon does not occurs with the Rack 1.0.1.


In my opinion, the cause is that the packages out of
the rails source package depends on the wrong version
of librack-ruby. 

The dependency declarations bellow seems wrong.

Source: rails
Build-Depends-Indep: librack-ruby (>> 1.1.0)

Package: libactivesupport-ruby1.8
Depends: librack-ruby (>> 1.1.0)

Package: libactivesupport-ruby1.9.1
Depends: librack-ruby (>> 1.1.0)


Thank you in advance.
---
Kubo Hiroshi <h-kubo at geisya.or.jp>