A Small Orange Weekly Digest 1/7 - 1/11
ASO Ninja Profile: Ron D.

Emergency Ruby on Rails Upgrade Information

A recent security issue affecting the Rails component of the Ruby-on-Rails open source web application framework has prompted the immediate upgrade of the Rails stack on all our shared and reseller servers. This upgrade addresses the existing security issue, linked below, as well as upgrades associated components gems and passenger to the latest versions which are also noted below.

Unfortunately, this upgrade has the potential to negatively impact the usage of your existing Rails applications if they are not compatible with the latest versions. Although we make every effort to always retain compatibility during any kind of upgrade, in this case, security is an overriding factor and we are not able to guarantee that all applications will continue to operate under the new versions. This upgrade will also remove the support for the cPanel Rails Application installer located in your cPanel web interface.

This feature, although provided for convenience, has no impact on your ability to install Rails applications over SSH, which is the preferred and recommended method to setup your Rails applications. We have a knowledge base artcle located here: Rails Application Setup: https://help.asmallo...rticle/View/251 that should assist you. For additional information on the security issue, please see below: Security Vulnerability Details: http://weblog.rubyon...-been-released/ Software Upgrade Versions: ruby 1.9.3-p362 rails 3.2.11 gems 1.8.24 passenger 3.0.19 If we can assist you with this upgrade, please let us know and we'll be happy to do so.

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)