Site Update - Critical Ruby on Rails Vulnerability Fix

(imported topic written by jeremylam)

We’ve just published an update for the Mobile Device Management site. This release was in response to a publicly disclosed Ruby on Rails framework critical security vulnerability, described here in the Ruby on Rails site:

The iOS Management Extender, Trusted Service Provider (TSP) and Self-Service Portal (SSP) use the Ruby on Rails framework and are affected by this security vulnerability. All deployed management components should be updated.

Fixed Issues:

Updated iOS Extender, Trusted Service Provider (TSP) and Self-Service Portal (SSP) to resolve a Ruby on Rails critical security vulnerability.

Required Actions:

Update deployed iOS Management Extender components using Fixlet 94: Upgrade Management Extender for Enrollment and Apple iOS

Update deployed Trusted Service Provider (TSP) components using Fixlet 200: Upgrade Trusted Service Provider

Update deployed Self-Service Portal (SSP) components using Fixlet 184: Upgrade Self Service Portal