Ruby On Rails Critical Security Vulnerability
-
Tuesday, 15th January, 2013
-
21:51pm
Ruby on Rails has recently announced a critical security vulnerability and has released patches for their currently supported versions. The following Rails versions have been patched:
http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/ * 3.2.11
* 3.1.10
* 3.0.10
* 2.3.15
If you are running cPanel, please note that security updates are currently being released for all supported versions. After the update has been released, cPanel will automatically upgrade to the latest version when your daily update runs. You may want to check your settings as this will not occur if updates have been manually disabled. Versions of cPanel with the security update include:
* 11.35.0.4
* 11.34.1.7
* 11.32.5.18
* 11.30.7.6
If you don't have cPanel you will need to update Ruby on Rails manually. We have posted specific directions in a KnowledgeBase article should you require assitance with this task.
We are proacitvely notifying you of this vulnerability in our ongoing effort to remain proactive and provide the best customer security experience for our users. Our highly trained technicians are available to assist with any questions or concerns at support@hdwebprovider.com
