Topic
  • No replies
jeremylam
jeremylam
28 Posts

Pinned topic Site Update - Critical Ruby on Rails Vulnerability Fix

‏2013-01-10T02:16:53Z |
We've just published an update for the Mobile Device Management site. This release was in response to a publicly disclosed Ruby on Rails framework critical security vulnerability, described here in the Ruby on Rails site:

http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/

The iOS Management Extender, Trusted Service Provider (TSP) and Self-Service Portal (SSP) use the Ruby on Rails framework and are affected by this security vulnerability. All deployed management components should be updated.

Fixed Issues:

Updated iOS Extender, Trusted Service Provider (TSP) and Self-Service Portal (SSP) to resolve a Ruby on Rails critical security vulnerability.

Required Actions:

Update deployed iOS Management Extender components using Fixlet 94: Upgrade Management Extender for Enrollment and Apple iOS
Update deployed Trusted Service Provider (TSP) components using Fixlet 200: Upgrade Trusted Service Provider
Update deployed Self-Service Portal (SSP) components using Fixlet 184: Upgrade Self Service Portal