@tmaher
Forked from markpundsack/heroku-CVE-2013-0156.rb
Last active December 10, 2015 23:08
## The quick-and-nasty CVE-2013-0156 Heroku inspector!
## Originally brought to you by @elliottkember with changes by @markpundsack @ Heroku
## Download and run using:
## ruby heroku-CVE-2013-0156.rb

# Rails releases that contain the CVE-2013-0156 fix. The check below is an
# exact match, so any other version string (newer releases included) is flagged.
PATCHED_VERSIONS = ["3.2.11", "3.1.10", "3.0.19", "2.3.15"]

`heroku list`.split("\n").each do |app|
  app = app.strip
  # Some "heroku apps" lines have === formatting for grouping. They're not apps.
  next if app[0..2] == "==="
  # Some are appended by owner emails
  app = app.split(" ")[0].to_s.strip
  # Blank lines can be omitted.
  next if app == ""
  # The last line of output is expected to be the gem path, ending in rails-<version>.
  rails_path = `heroku run bundle show rails --app #{app}`.split("\n")[-1]
  # to_s guards against empty command output; the result is nil when no
  # "rails-" segment is found (for example, the app does not bundle Rails).
  rails_version_number = rails_path.to_s.split("rails-")[1]
  rails_version_number = rails_version_number.strip unless rails_version_number.nil?
  unless PATCHED_VERSIONS.include?(rails_version_number) || rails_version_number.nil?
    puts "Uh oh! #{app} has #{rails_version_number}."
  else
    puts "..."
  end
end