Vunerabilities discovered in Ruby
Posted by Nathan Kaiser on Mon Jun 23 11:44:00 UTC 2008
Drew Yao of Apple Product Security recently discovered and disclosed several critical vulnerabilities in Ruby which do affect all previously-released versions of Ruby. Starting immediately, over the next few days we’ll be updating the versions installed in our standard Rails stack, as well as those versions which may have been provided by our operating system vendor to revisions which are not vulnerable. We don’t anticipate this causing any problems for any customer-written ruby code.
As we update each system, we will need to restart ruby applications. We anticipate this will entail less than 5 seconds of down-time for each service. (For those of our customers with load-balanced services, this should entail no down time at all.) If you’d like to work with us to schedule a specific time to update the Ruby binary and libraries on your system, please open a support ticket with us.
You can read more about the vulnerabilities discovered here.
THE LATEST
THE ARCHIVES
- July 2010
- June 2010
- May 2010
- March 2010
- February 2010
- January 2010
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- March 2008
- January 2008
- December 2007
- October 2007
- August 2007
- May 2007
