ways to manually update RubyGems without susceptibility to CVE-2015-3900 (until there is a new ruby release)
because gem update --system
uses rubygems to get the newest rubygems-update gem, and the vulnernability is in rubygems...
via ruby:
\curl -sSL https://gist.github.com/bf4/4223e83e8becacfb2a8e/download | \
tar xzvf - --include 'update.rb' -O | ruby
via bash:
copy and paste update.bash
or
\curl -sSL https://gist.github.com/bf4/4223e83e8becacfb2a8e/download | \
tar xzvf - --include 'update.bash' -O | bash
refs:
Notes to self: