Change is good. Change is a sign of life. Change that moves you towards your goal is a Good Thing™.

Change that makes you run around the same circle over and over again is not such a Good Thing.

OpenSSL has had security Issues for quite some time. Recently, like in the last year or so, it’s been getting updated more regularly as problems get addressed.

“Good”, you say. “Secure data is what the Internet relies on, isn’t it?” Well, no; not exactly. And closer to home, every Ruby developer dreads seeing that message from their package manager of choice saying “Your openssl version has been updated”.

Because, if you’re using a version manager like RVM or rbenv, that means you get to go reinstall every Ruby version you need to run on your system.

Here’s basically what I do. I’m using rbenv with a current production Ruby of 2.1.4 on a Mac; your setup will differ based on how different your system is. (Translation: Don’t come crying to me if this doesn’t work for you. You’re smart enough to use Ruby; you’re smart enough to fix it, with a little help from DuckDuckGo):

Step 1: Run rbenv versions. This presently gives me output of

  system
  2.0.0-p481
* 2.1.4 (set by /usr/local/rbenv/version)
  2.2.0-preview1

Step 2: Nuke from orbit. (Note that I’m running on OS X 10.8.5… yeah, yeah…)

$ rbenv global system
$ rbenv rehash
$ ruby --version
ruby 1.8.7 (2012-02-08 patchlevel 358) [universal-darwin12.0]
$ rm -rf $RBENV_ROOT/versions/*

Step 3: Reinstall “main” Ruby version and systemwide Gems. The `say “All done” is so Daniel tells me when it’s done, so I can go do other things and come back.

$ rbenv install 2.1.4 && say "All done"
$ rbenv global 2.1.4
$ gem install rails rspec simplecov pry-{bloodline,doc,docmore,byebug,stack_explorer,rescue,theme,pretty-numeric,highlight,editline,git} awesome_print bond jist jeweler lotusrb lotus-{model,helpers} padrino padrino-{assets,flash} rubycritic && say "all done"
$ rbenv rehash
$ gem cleanup

Step 4: Lather; rinse; repeat for every other Ruby version needed on the system. Remember that openssl is statically linked into Ruby and it has to match the current (latest security-update-driven) version on the system.

$ rbenv global system && rbenv rehash
# ...
$ gem cleanup
$ rbenv global 2.1.4 && rbenv rehash

Now you can get started on what you set out to do this morning… after tea break.


Jeff Dickey

Software and Web developer. Tamer of deadlines. Enchanter of stakeholders.