Try Engine Yard for your Rails app
START A FREE TRIALFree Download
"Top 10 Advantages of Platform-as-a-Service"
Should you DIY your app deployment & maintenance or hand it off?
Subscribe to the Engine Yard blog for expert Rails tips!
Security vulnerability in nginx
A security vulnerability in nginx has been reported. This vulnerability is exploited via a null pointer dereference, and although this has been characterized as a Denial of Service attack, we suspect that it can be exploited to execute arbitrary code. As such, it’s important for all nginx users to upgrade or patch this vulnerability as soon as practicable.
All versions of nginx prior to 0.8.15, 0.7.62, 0.6.39 and 0.5.38 in the 0.8, 0.7, 0.6 and 0.5 nginx codelines are vulnerable.
Engine Yard customers have already been contacted via email about this issue. For Engine Yard Cloud customers, this patch will be automatically applied the next time you perform a deploy. All other customers should open a support ticket so that you can arrange an appropriate maintenance window with support.
Share your thoughts with @engineyard on Twitter