网站已死。 “需要采取措施：Rails安全漏洞” [英] Site dead. "ACTION REQUIRED: Rails Security Vulnerability "

问题描述

我的网站目前已经死了，因此我无法解释这对我来说有多迫切。

情况：几天前，我收到了一封来自Heroku的电子邮件需要采取措施：Rails安全漏洞，建议我将rails更新到版本3.2.11。在我遵循电子邮件中的所有步骤之后，我尝试打开我的网站。当我看到我无法打开我的网站时，我感到非常惊讶。我的网站是用 RefineryCMS 。

制作的。使用git将我的网站恢复到前一点在什么时候一切都很好？

当我在本地运行网站时，出现以下错误：
$ b

ActiveRecord ::炼油厂中的RecordNotFound :: PagesController＃home

无法找到id = torte-za-rodendan的Refinery :: Page：

...

app / views / stranice / naslovnica / _favourite_products.html .erb：7：'_app_views_stranice_naslovnica__favourite_products_html_erb__4156700835010289094_66485000'

app / views / refinery / pages / home.html.erb：16：in _app_views_refinery_pages_home_html_erb ___ 2482419061129865361_67

解决方案

是的，我们都收到了来自Heroku的电子邮件。 >由于您的网站之前使用git进行了版本控制，因此您可以按照以下这些步骤撤销上次提交。

然而，我不确定你是否真的需要做到以上。你只需要确保你的heroku应用程序在rails 3.2.11上运行 - 这是一个非常严重的安全问题，也许heroku甚至会阻止没有足够快速升级的站点。

请按照以下步骤操作：

• 运行测试并确保一切正常


• 打开一个通过git的新分支（ git checkout -b new_rails ）


• 更改Gemfile中的Rails 3.2.11


• 在environment.rb中将RAILS_GEM_VERSION更改为'3.2.11'
  
• 运行 bundle update rails


• 运行测试并查看一切是否仍然有效


• 如果不是，请执行 git checkout master ;可以通过执行 git branch -D new_rails

删除新分支只有在新的分支上才能确保没有任何中断。

如果您以后仍然遇到错误，请告诉我们heroku的日志中有什么。

My site is currently dead therefore I can't explain how urgent for me this is.

Situation: A few days ago I received an e-mail from Heroku "ACTION REQUIRED: Rails Security Vulnerability " advising me to update rails to version '3.2.11'. After I followed all the steps in the e-mail I tried to open my web site. I was extremely surprised when I saw that I can't open my site. My site is made with RefineryCMS.

Is it possible, using git, to restore my site to the previous point in time when everything was working great?

When I run the site locally I get the following error:

ActiveRecord::RecordNotFound in Refinery::PagesController#home

Couldn't find Refinery::Page with id=torte-za-rodendan

...

app/views/stranice/naslovnica/_favourite_products.html.erb:7:in `_app_views_stranice_naslovnica__favourite_products_html_erb__4156700835010289094_66485000'

app/views/refinery/pages/home.html.erb:16:in `_app_views_refinery_pages_home_html_erb___2482419061129865361_67

解决方案

Yep, we all got that email from Heroku.

Since your site was versioned with git before, you can undo the last commit by following these steps.

However, I am not sure whether you really need to do the above. You just need to make sure that your heroku app runs on rails 3.2.11 - it is a pretty serious security issue, maybe heroku even blocks sites that aren't upgraded quickly enough.

Follow these steps:

• Run your tests and make sure everything works
• Open up a new branch through git (git checkout -b new_rails)
• Change Rails 3.2.11 in your Gemfile
• Change RAILS_GEM_VERSION to '3.2.11' in environment.rb
• Run bundle update rails
• Run the tests and see if everything still works
• If not, reverse back to the old branch by doing git checkout master; optionally delete the new branch by doing git branch -D new_rails

Doing it only on the new branch ensures nothing breaks.

If you still get errors afterwards, please tell us what's in heroku's log.

这篇关于网站已死。 “需要采取措施：Rails安全漏洞”的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！