There are a number of instances where you may find yourself with two arrays and you need to find the values that do not exist in both. This is fairly simple:
For these two arrays:
a = ["rockets", "saucers", "underwater", "warp"]
b = ["saucers", "fuel", "moon", "warp"]
A simple way to do this is to put the two arrays together and then remove the items that exist in both:
(a | b) - (a & b)
Gives you:
["rockets", "underwater", "fuel", "moon"]
A Denial of Service vulnerability has been found and fixed in ruby. The vulnerability is due to the BigDecimal method mishandling certain large input values and can cause the interpreter to crash. This could be used by an attacker to crash any ruby program which creates BigDecimal objects based on user input, including almost every Rails application. This vulnerability has been assigned the CVE name CVE-2009-1904.
For upgrade instructions and information on affected ruby versions please see the ruby security team’s announcement.
All users are advised to upgrade their ruby installations immediately to avoid this problem. In the event that you are unable to upgrade your ruby installation, or are using an out-of-maintenance ruby version, there is a workaround available on github. You can either install it as a gem, or simply copy the file bigdecimal-segfault-fix.rb into config/initializers of your rails application.
via Riding Rails: DoS Vulnerability in Ruby.
Want to save some time when installing on Ubuntu? We do too:
Check it out on the brightlight blog:
Unattended Passenger / Ruby Enterprise Installation on Ubuntu 8
We’re busy testing our apps on rails 2.2 now that it’s out.
Things are going very well. We’re here to help you with yours if you need us, send an email to support@imapenguin.com
Mongrel has served us well for the past year or so, but the simplicity of deployment in passenger along with the ever reliable apache has lured us into extensive testing. We’re getting slightly better performance numbers from passenger over mongrel with about 2/3 of the memory footprint. Please let us know at support@imapenguin.com if you see any wonkyness with any of our services. As we migrate over night.
Ubuntu pushed patches for the aforementioned Ruby vulnerabilities last night. apt-get to get them in a snap. Thanks for the quick response Ubuntu team!
Nate Clark is right. The risk of the recently announced Ruby vulnerabilities may or may not be high, but let’s not take any chances.
He’s done a quick and good how to on upgrading Ubuntu servers. Check it out. Nate Rules.
Bleh, there are some nasty ruby vulnerabilities out in the wild right now. Details are here. We’ll post an update as Linux distributions get patches to let you know who needs to take action to get fixes.
We’re compiling ruby from source for the time being on production machines until updates appear.
If you need help, it’s support@imapenguin.com
There is a bug in the capistrano git bridge that’s not been patched in the stable version yet.
If you’re getting:
fatal: Could not parse object
A quick and dirty hack is to add a task that just removes your git cache for now on the deployed server with:
desc "Clear that git cache"
task :clear_git_cache do
run "rm -Rf /#{deploy_base}/#{application}/shared/cached-copy"
end
before "deploy", "clear_git_cache"
It takes about 1 second longer to do the checkout but I don’t really notice.