TheRuby core team has released a security patchfor Ruby 1.9.3 and
2.0.0 to fix a security vulnerability that can lead to denial of service
through memory overflows. You can find more information about this
This is what we’ve done
We have updated the deployed version numbers of Ruby 1.9.3 (to 484)and
2.0.0 (to 535)on the system and all new stacks and servers scaled up
since yesterday have the patched version of Ruby installed. All stacks
with Ruby versions without the patch will see a warning on
We have also rolled outautomatic Ruby update featureto allow you
upgrade your Ruby version when you’re ready. More information
onUpgrading your Ruby and
This is what you need todo
Login to your Cloud 66 dashboard and see if you have a StackScore
warning related to this issue. You don’t need to do anything if there is
Please note:The warning will not be issued for stacks that are not
successfully deployed. You will see the warning if it is applicable
after your stack is deployed successfully.
If you see a warning, you can use the Deploy with Options menu item
(under the stack deploy icon) and select the Apply Upgrades checkbox and click on the Deploy button. This will upgrade your Ruby to 1.9.3p484 or
Ruby 2.0.0p353 on all your servers and redeploy your stack normally
Please make sure your code works with these Ruby versions. Also please
note that this action will deploy your latest code to your stack.
As always, if you need any help or support please let us know using
email@example.com or the usual Support link on your dashboard.