CVE-2015-1855: Updated Ruby packages for Ubuntu

This week, new versions of Ruby were released fixing a security bug related to overly permissive matching of hostnames in certificates (CVE-2015-1855).

We’ve updated our ruby-ng Ubuntu packages for 2.2.2, 2.1.6 and 2.0.0-p645 and also 1.9.3 and 1.8 packages with the fixes backported (thanks to tobias.kraze@makandra.de).

We had all these packages built yesterday evening in the ruby-ng-experimental repository and due to recent improvements made to automate package install testing, they’re in the official ruby-ng today.

And if you happen to be looking for a UK-based cloud infrastructure provider with highly available datacentres to deploy your Ruby app, then you can sign-up here and get £20 credit to play with. Or drop us a line to chat about your requirements.

Recent posts

Get started with Brightbox Sign up takes just two minutes...