You probably have heard by now that there are some security issues with all the versions of Ruby and that you should upgrade your Ruby to get the fixes. The holes mainly involve buffer overruns and a particularly nasty vulnerability that only affects non-Unix based operating system. These effect Ruby versions 1.8.5, 1.8.6, 1.8.7 and 1.9.0. (Since I only use 1.8.6, that’s all I’ll talk about here.) The solution is to update 1.8.6 to version 1.8.6-230. Unfortunately p230 breaks rails and almost everything else running ruby. So what is a boy to do? Well Hong Li has come to the rescue. He has back ported the changes to p111 so the rest of us can apply his patch and secure our 1.8.6 machines at p111. The fix involves downloading Ruby 1.8.6-111, patching the source, compiling ruby and restarting your apps.
Run the following commands:
> wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6-p111.tar.gz > tar zxvf ruby-1.8.6-p111.tar.gz > cd ruby-1.8.6-p111 > wget http://blog.phusion.nl/images/assets/r8ee-security-patch-20080623.txt > patch -i r8ee-security-patch-20080623.txt > ./configure > make > sudo make install
Restart you mongrels and any other Ruby applications.
While patching I would get the following:
index 410cc6f..c8278b7 100644 |— a/lib/webrick/httpservlet/filehandler.rb
File to patch:
* Just give it this path: lib/webrick/httpservlet/filehandler.rb - Sometimes the sudo make install would fail with an error:
/bin/sh: ./miniruby: No such file or directory
* Just run “make clean” and then ./configure, make, sudo make install again.
Thanks to Wilson Bilkovich for pointing me in the direction of Hong Li’s patch.
If you wanted it to build a product you’d find a way to get time to work on it. If you really wanted to start that new hobby you’d sacrifice something to find the time and money to do it.
I'll define a "Wannabe Entrepreneur" as someone who has never made money from their businesses. Here are the different types of wannabes.
In the past few years I've built go-carts, built a 200+ sq ft workshop, written several eBooks. How do I create a life where I have time to work on side projects?
Receive 5 Software projects mistakes we have made over the years and how to avoid them.