We were recently alerted to some rails vulnerabilities by Heroku. They provided us with some directions but unfortunately our main developer is no longer with us.
We have had to go in and do other things in the past using Heroku Tookbelt (Windows) which wasn't too painful but we aren't sure how to proceed with the directions that were sent out about the vulnerability. We can't get to the point to begin step 1.
Can you offer some assistance with getting us to the point where we are ready to do #1?
Here are their directions:
#1 Open the Gemfile in the affected application and change the Rails version to:
rails '3.2.11'
#2 Then run:
$ bundle update rails
#3 Then commit the results to git, and push to Heroku:
$ git push heroku master
--------------
FYI - we can connect to heroku with email and password and show the apps, etc. we just don't know how to "open the gemfile"
I'm guessing this is going to be a 5 minute answer if you know anything about Heroku and Rails
You won't actually be performing the update, you will just be explaining to us how to do it using WINDOWS!!!
Hello,
This is, as you've stated, a quite simple change for someone who knows what they are doing. I can give you detailed instructions on how to do this simply and with fast.
I hope we can do business together and get your app patched quickly :).