A Small Orange Weekly Digest 1/7 - 1/11
ASO Ninja Profile: Ron D.

Emergency Ruby on Rails Upgrade Information

A recent security issue affecting the Rails component of the Ruby-on-Rails open source web application framework has prompted the immediate upgrade of the Rails stack on all our shared and reseller servers. This upgrade addresses the existing security issue, linked below, as well as upgrades associated components gems and passenger to the latest versions which are also noted below.

Unfortunately, this upgrade has the potential to negatively impact the usage of your existing Rails applications if they are not compatible with the latest versions. Although we make every effort to always retain compatibility during any kind of upgrade, in this case, security is an overriding factor and we are not able to guarantee that all applications will continue to operate under the new versions. This upgrade will also remove the support for the cPanel Rails Application installer located in your cPanel web interface.

This feature, although provided for convenience, has no impact on your ability to install Rails applications over SSH, which is the preferred and recommended method to setup your Rails applications. We have a knowledge base artcle located here: Rails Application Setup: https://help.asmallo...rticle/View/251 that should assist you. For additional information on the security issue, please see below: Security Vulnerability Details: http://weblog.rubyon...-been-released/ Software Upgrade Versions: ruby 1.9.3-p362 rails 3.2.11 gems 1.8.24 passenger 3.0.19 If we can assist you with this upgrade, please let us know and we'll be happy to do so.

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.