OSVDB 119927 : http Gem for Ruby SSL Certificate Validation MitM Spoofing

Email this to someoneShare on Google+Share on FacebookTweet about this on TwitterShare on LinkedIn

Problem

There was a security vulnerability issued by Gemnasium about the http gem with the title OSVDB-119927 – MitM Security Vulnerability.

The details for it are here.

Solution

After some investigation (gem dependency http –reverse-dependencies) it turns out that the twitter gem (5.14.), is using an older vulnerable http dependency (0.6.3).

In order to remove this warning and until there is a new twitter gem released, you can use the github master branch of twitter, like:

cannot load such file — zlib

Email this to someoneShare on Google+Share on FacebookTweet about this on TwitterShare on LinkedIn

Problemo

You are trying to install a gem with rvm but you are getting the following error:

ERROR: Loading command: install (LoadError
cannot load such file — zlib
ERROR: While executing gem … (NameError)
uninitialized constant Gem::Commands::InstallCommand

Solution

Following from the post here

you would need to install the zlib library with rvm, uninstall your ruby version and then install the ruby version again with the folowing:

 

Mandriva – Rails 2.3.2 – mysql gem – ‘ERROR: Error installing mysql’

Email this to someoneShare on Google+Share on FacebookTweet about this on TwitterShare on LinkedIn

Problem
You are trying to install the mysql gem in Mandriva, but it fails with error messages:

Solution
After searching in google, with solutions about providing different options (– –with-mysql-config, ..etc), even trying different combinations for providing the client library path, the configuration file, or the header file path, was still faced with the same error installing the mysql gem.
As the Mandriva installation was quite new, it turns out to be a couple of missing packages.
So try:

and run:

again.

It should work out ok install the gem and output:

FBML Error (line 5): illegal tag “body” under “fb:canvas”

Email this to someoneShare on Google+Share on FacebookTweet about this on TwitterShare on LinkedIn

Problem
When trying to use facebooker according to the Developing facebook platform applications with rails book, in the network_test step you are getting the following error:

Solution
It should be caused because you are using the facebooker gem instead of the plugin.
Install the plugin:

Upgrading Ruby on Rails application from 1.2.3 to 2.0.2

Email this to someoneShare on Google+Share on FacebookTweet about this on TwitterShare on LinkedIn

Problem
Upgrading an existing Ruby on Rails application from 1.2.3, to 2.0.2, presents few problems. I will try and keep a record of the ones I encounter along the way, here.

Solution

  1. Change the config/environment.rb to let the application know to use the 2.0.2 gem rail version,
  2. change the following line from:

    to:

  3. Run the following to generate the secret key for the application:
  4. Copy the magic key in a new section in your config/environment.rb as in:

Upgrading to Rails 2.0.2 problems/solutions

Email this to someoneShare on Google+Share on FacebookTweet about this on TwitterShare on LinkedIn

Problem
Upgrading from Rails version 1.2.3 to version 2.0.2.
Following the suggestion in DH’s weblog here when using sudo gem install rails -y, it gets the trunk version of rails which at the time was 2.0.2.9216.
This causes a few problems and breaks a few more things.

Solution
In order to get back to the latest stable version, you have to uninstall a few of the gems installed from the trunk version.
If you have installed the latest version of top of an existing one using gems, then doing:

will give you all the installed versions of the gems. Something like:

Make sure you uninstall all the gems with version number 2.0.2.9216:

In each of the above commands the gem package manager should ask you to select the one you want to uninstall.
Pick the one with the 2.0.2.9216 (or other version later than 2.0.2).

At the end if you list the gems again you should only have gems going up to version 2.0.2

An extra step I had to take for making the migrations work was to install rake again:

After all these my installation seems to be working fine again.