How to patch the iOS SSL bug without updating to iOS 7.0.6


Renowned iOS developer Ryan Petrich has released a patch on his personal beta repo to fix the SSL issue present in iOS firmware below iOS 7.0.6. On Friday, Apple unexpectedly dropped the new iOS 7.0.6 firmware to fix the egregious security hole, which is detailed in this post.

Such a serious security flaw is bad for jailbreakers, because it means needing to update your device, and having to perform the jailbreak process all over again. Evasi0n7 1.0.6 was released to jailbreak iOS 7.0.6, but it’s still hassle to have to back everything up, restore to iOS 7.0.6, and re-jailbreak. Due to the serious nature of the security hole, we’ve been encouraging folks to update, which is understandably a huge hassle for many.

But Ryan Petrich has come through to save the day, releasing a fix for the SSL issue that allows users to remain on current firmware. Ryan’s SSLPatch release makes it so that you don’t have to immediately update to iOS 7.0.6 in order to protect yourself from the serious flaw. Check inside for more details.

To find SSLPatch, you’ll first need to add Ryan Petrich’s beta repo to your list of Cydia sources. His repo address is as follows:

Once you add the repo, search for SSLPatch. The SSLPatch page has a link to the analysis of the bug it fixes, along with a link to the code on GitHub if you’d like to inspect what it does.

SSLPatch 2

Install the SSLPatch tweak in order to be protected while running firmware lesser than iOS 7.0.6. In my opinion, this is more of a stopgap solution, and I still recommend eventually updating to iOS 7.0.6, but SSLPatch is a good way to protect yourself in the interim.

There are no options or settings to configure upon installation, just install it and go.

Ryan has always been one to look out for users, and we appreciate his contributions to the community. What about you?